dashboard.sezzle.com Open in urlscan Pro
2600:9000:2501:ae00:5:2c64:75c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sezzle.page.link/orders
Effective URL:
https://dashboard.sezzle.com/customer/orders
Submission: On March 04 via api (March 4th 2024, 11:11:46 pm UTC) from US — Scanned from US

Summary HTTP 260 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 17 domains to perform 260 HTTP transactions. The main IP is 2600:9000:2501:ae00:5:2c64:75c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is dashboard.sezzle.com. The Cisco Umbrella rank of the primary domain is 708099.
TLS certificate: Issued by Amazon RSA 2048 M03 on August 24th 2023. Valid for: a year.

This is the only time dashboard.sezzle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
161	2600:9000:250... 2600:9000:2501:ae00:5:2c64:75c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:26a... 2600:9000:26a0:4600:1a:9a9d:1e00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:e0:... 2606:4700:e0::ac40:6206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1402:880... 2600:1402:8800::1728:cdc1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1408:ec0... 2600:1408:ec00:1f::1735:23ca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2607:f8b0:400... 2607:f8b0:4004:c1d::61	15169 (GOOGLE) (GOOGLE)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
19	44.240.237.16 44.240.237.16	16509 (AMAZON-02) (AMAZON-02)
5	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::5f	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c17::65	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
5	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2607:f8b0:400... 2607:f8b0:4004:c07::63	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4004:c19::5e	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
260	23

2 2607:f8b0:4004:c17::84 (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

sezzle.page.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

161 2600:9000:2501:ae00:5:2c64:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

dashboard.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:26a0:4600:1a:9a9d:1e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e0::ac40:6206 (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.cdnfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1402:8800::1728:cdc1 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)

apps.rokt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:ec00:1f::1735:23ca (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1d::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

utt.impactcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 44.240.237.16 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-237-16.us-west-2.compute.amazonaws.com

api.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geoip.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o215203.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c17::65 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

sezzle.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c07::63 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c19::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
183	sezzle.com dashboard.sezzle.com — Cisco Umbrella Rank: 708099 media.sezzle.com — Cisco Umbrella Rank: 33782 api.sezzle.com — Cisco Umbrella Rank: 269328 geoip.sezzle.com — Cisco Umbrella Rank: 481780	2 MB
14	gstatic.com www.gstatic.com fonts.gstatic.com	715 KB
13	google.com analytics.google.com — Cisco Umbrella Rank: 148 www.google.com — Cisco Umbrella Rank: 2	89 KB
8	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 1215 rs.fullstory.com — Cisco Umbrella Rank: 1199	280 KB
8	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2184 ekr.zdassets.com — Cisco Umbrella Rank: 2517	214 KB
7	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1405 ka-p.fontawesome.com — Cisco Umbrella Rank: 3225	146 KB
5	zendesk.com sezzle.zendesk.com — Cisco Umbrella Rank: 342913	1007 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	21 KB
4	googleapis.com firebase.googleapis.com — Cisco Umbrella Rank: 3911 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 561	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	368 KB
4	cdnfonts.com fonts.cdnfonts.com — Cisco Umbrella Rank: 7749	93 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	406 B
2	page.link 2 redirects sezzle.page.link	1 KB
1	sentry.io o215203.ingest.sentry.io — Cisco Umbrella Rank: 546220	324 B
1	impactcdn.com utt.impactcdn.com — Cisco Umbrella Rank: 3828	14 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 4631	12 KB
1	rokt.com apps.rokt.com — Cisco Umbrella Rank: 7585	19 KB
260	17

	Domain	Requested by
161	dashboard.sezzle.com	dashboard.sezzle.com
18	api.sezzle.com	dashboard.sezzle.com api.sezzle.com
9	www.gstatic.com	www.google.com www.gstatic.com
9	www.google.com	dashboard.sezzle.com www.gstatic.com www.google.com
7	static.zdassets.com	dashboard.sezzle.com static.zdassets.com
5	fonts.gstatic.com	www.google.com
5	sezzle.zendesk.com	static.zdassets.com
5	edge.fullstory.com	dashboard.sezzle.com edge.fullstory.com
5	ka-p.fontawesome.com	kit.fontawesome.com
4	analytics.google.com	www.googletagmanager.com
4	www.google-analytics.com	www.googletagmanager.com dashboard.sezzle.com
4	www.googletagmanager.com	dashboard.sezzle.com www.googletagmanager.com
4	fonts.cdnfonts.com	dashboard.sezzle.com fonts.cdnfonts.com
3	rs.fullstory.com	dashboard.sezzle.com
3	media.sezzle.com	dashboard.sezzle.com
2	firebaseinstallations.googleapis.com	dashboard.sezzle.com
2	stats.g.doubleclick.net	www.googletagmanager.com dashboard.sezzle.com
2	firebase.googleapis.com	dashboard.sezzle.com
2	kit.fontawesome.com	dashboard.sezzle.com kit.fontawesome.com
2	sezzle.page.link	2 redirects
1	geoip.sezzle.com	dashboard.sezzle.com
1	o215203.ingest.sentry.io	dashboard.sezzle.com
1	ekr.zdassets.com	static.zdassets.com
1	utt.impactcdn.com	dashboard.sezzle.com
1	websdk.appsflyer.com	dashboard.sezzle.com
1	apps.rokt.com	dashboard.sezzle.com
260	26

This site contains links to these domains. Also see Links.

Domain
legal.sezzle.com
sezzle.com

Subject Issuer	Validity	Valid
dashboard.sezzle.com Amazon RSA 2048 M03	`2023-08-24` - `2024-09-22`	a year	crt.sh
media.sezzle.com Amazon RSA 2048 M02	`2023-05-03` - `2024-05-31`	a year	crt.sh
cdnfonts.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
apps.rokt.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-14` - `2024-12-20`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
zdassets.com E1	`2024-03-03` - `2024-06-01`	3 months	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
utt.impactcdn.com GTS CA 1D4	`2024-02-28` - `2024-05-28`	3 months	crt.sh
api.sezzle.com R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-01-10` - `2024-04-09`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-01-07` - `2024-04-06`	3 months	crt.sh
sezzle.zendesk.com Cloudflare Inc ECC CA-3	`2023-05-30` - `2024-05-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
geoip.sezzle.com R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://dashboard.sezzle.com/customer/orders
Frame ID: F840DB0D1E4CB61169B3FF950AB43FC3
Requests: 217 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js
Frame ID: 1C04A20753569ABE5B5E86134EEE1711
Requests: 9 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 7DE23D483695DEAB689B6F5CD3D61B5F
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: E6FBA2191BDC1E27066E7D9E69A1BB6B
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 676914BA80744550C35548C0FD73DB69
Requests: 1 HTTP requests in this frame

Frame: https://api.sezzle.com/v1/accertify/browser/beacon/bf/bf.html?v=202302_01
Frame ID: 5EBE1D24762390BFB77C62E209F7B737
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=en&type=image&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=invisible&badge=bottomleft&cb=fv6bzift4f7l
Frame ID: A96BEB12190114A6A222671F347A5C33
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf
Frame ID: 5BCAC93425F8124AC4D013889FAC3BBA
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sezzle Dashboard: Welcome

Page URL History Show full URLs

http://sezzle.page.link/orders HTTP 301
https://sezzle.page.link/orders HTTP 302
https://dashboard.sezzle.com/customer/orders Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

260
Requests

100 %
HTTPS

70 %
IPv6

17
Domains

26
Subdomains

23
IPs

2
Countries

4416 kB
Transfer

10318 kB
Size

17
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://legal.sezzle.com/user/en-us/
Title: Sezzle User Agreement

Search URL Search Domain Scan URL

URL: https://legal.sezzle.com/privacy/en-us/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://sezzle.com/
Title: ©2024 Sezzle Inc.

Search URL Search Domain Scan URL

URL: https://sezzle.com/contact-us/shopper-support
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sezzle.page.link/orders HTTP 301
https://sezzle.page.link/orders HTTP 302
https://dashboard.sezzle.com/customer/orders Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

260 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request orders Show response
dashboard.sezzle.com/customer/
Redirect Chain

http://sezzle.page.link/orders
https://sezzle.page.link/orders
https://dashboard.sezzle.com/customer/orders

7 KB
5 KB

137ms
44ms

Document
text/html

2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

390e9c43bfed154fd39c9da5fcd4c47a52f15be64142a0d0210dde445c8f3b93

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 612
cache-control: max-age=600,public
content-encoding: gzip
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
content-type: text/html; charset=utf-8
date: Mon, 04 Mar 2024 23:11:39 GMT
etag: W/"s9l2ex5a3"
last-modified: Wed, 28 Feb 2024 20:32:57 GMT
referrer-policy: strict-origin
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-id: zcvnzA-GHB-J45j7VmT-sNhEyIOop5NkSwHPjASxnUoG9CUHYgDc1g==
x-amz-cf-pop: IAD55-P5
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sezzleinc-test: test header
x-xss-protection: 1; mode=block;

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport script-src 'report-sample' 'nonce-P6-hG0Bg5aoLkaUnnOf2zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist
content-type: application/binary
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: same-site
date: Mon, 04 Mar 2024 23:11:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://dashboard.sezzle.com/customer/orders
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 sezzle-legacy-5.3.5.css
media.sezzle.com/style-guide/css/ 120 KB
22 KB 133ms
39ms Stylesheet
text/css 2600:9000:26a0:4600:1a:9a9d:1e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.sezzle.com/style-guide/css/sezzle-legacy-5.3.5.css
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26a0:4600:1a:9a9d:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a5f56f1a6e360e8f4041b82c5aba563b80e08042e8a7f449aaebfbbc8f71d1c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 08:18:37 GMT
content-encoding: gzip
via: 1.1 b00903dd6c0e35a04eab89fc03a8023e.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
age: 54225
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 01 Aug 2023 15:07:41 GMT
server
etag: W/"eede49ea943b0bc51703fd902fcaec8a"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding
x-amz-cf-id: Q_Ejah35SIlI_VEn6vFRTO2Orvy7PTbeevyD8TtAnEDyxdnhaL-sOQ==

GET
H2 200 satoshi
fonts.cdnfonts.com/css/ 2 KB
741 B 122ms
43ms Stylesheet
text/css 2606:4700:e0::ac40:6206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/css/satoshi
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99bb5c2b64458a231a9f1ed8e2d289626be786067987bf1f19c8648437ab8e1f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:39 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10854097
cf-polished: origSize=1959
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 31 Oct 2023 08:10:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPYY8Z2IutUTD2JMhOwEgGvOKOC3E9Qhd8K5ckcAzZETLCg%2BnefObJiJjA2w%2FJYQBneWl3mCIj5XwIsN3Ww0dfMyvm2j1SrV26WwZuSj2pDwdVJgzoRZSyvDmimY7k1eZacOCOXvc7gyOIDuXhtatv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 85f58bf14c2d4361-EWR

GET
H2 200 launcher.js Show response
apps.rokt.com/wsdk/integrations/ 77 KB
19 KB 214ms
50ms Script
application/javascript 2600:1402:8800::1728:cdc1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/integrations/launcher.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1402:8800::1728:cdc1 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

69fef7bf67ead0c4c2df08be990ee582b4b0c2366efabc0418b2be2abc75bb4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: NM961YGYYSGEEV1H
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 18855
x-amz-id-2: Pxme5mRgM+fc4lCITLCJLnzzyp4EfGVtoV7ZuS12uXtBbgFmRMPS4dGwAZN6qeSfpGcfTwItLW4=
last-modified: Tue, 27 Feb 2024 06:30:28 GMT
server: AmazonS3
etag: "d282095455d54b6ddd5f00cc05448436"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1200, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 e6012efc1e.js Show response
kit.fontawesome.com/ 12 KB
5 KB 160ms
81ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/e6012efc1e.js
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8693741cfe6e78e99a90f48a8c804cef8c863f6b097e8f83edcf4dbdd865fd92

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:39 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 85f58bf179a5236a-EWR
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F7l_2gKyzyufEV2nOVcB

GET
H2 200 37ce4942e883c62e7aa1.js Show response
dashboard.sezzle.com/customer/ 10 KB
8 KB 58ms
47ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a3ab05ae8b6d4a894adbb2de586d14bd1519550b4e417e265f55d5e1a1985157

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 7Ats3PNbEpa13R0FHUnc7h_dj0389M31
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 93
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"2fb396c95ad8e094f4da5883fb695ac2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ZCggMYxk_2d0MEVKG4SENDYHG_jdx01gL9XKj4p_HtgBoEzOqfx-Fg==

GET
H2 200 1a256f2d971cdf513dde.js Show response
dashboard.sezzle.com/customer/ 121 KB
56 KB 101ms
90ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1a256f2d971cdf513dde.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

49287ad627da920abe10f8c32a67ce79e1412cdb2c28b71636bbe49c01269cda

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Yd1PyP_cJx8awNVR18UpMfifpqrlKY6G
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:57 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 744
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:45 GMT
etag: W/"ce951a0b55d48e8e50b8f44e2b3548b6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: YIHCdJ3nM3YQcMXxXA17_e4g0AzKzPtfHPVzpTwmzTHSoXRgiJZSyw==

GET
H2 200 5f2ac3972abfbd68e212.js Show response
dashboard.sezzle.com/customer/ 44 KB
16 KB 56ms
45ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5f2ac3972abfbd68e212.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c348e8887a521eab3e3bc0dcbc51d8715ca9958d2c4a8c4fea0f0092ea325ac7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: YJqrKgrLVirrJmu8bnrcuPij0IP2CjAd
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:50 GMT
etag: W/"851ab23630c047782f7829decc162c01"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: fX0kPOpmtlYD8LP8UGc0NJ6vzaAHV4I6RWHnNCMXX2X7KywqcfgytQ==

GET
H2 200 43b66ae0e58e97f5166c.js Show response
dashboard.sezzle.com/customer/ 66 KB
22 KB 59ms
48ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/43b66ae0e58e97f5166c.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d0774ab0833d4ea356e13face67b9ef26cd3905df8c413dfe7a60dae7d11d27a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NpXUugOeOYuKVh778vRm0juJjAh_clvo
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:57 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 702
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:48 GMT
etag: W/"05e3c200baafd8f7ce776ff3d328d226"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: o8CqM54nsdxnej4vuRLGukK1zSVlsAi-BlsisThFaeu4NAsL_wsmEA==

GET
H2 200 e14b8c01aac1fdb51cdb.js Show response
dashboard.sezzle.com/customer/ 37 KB
13 KB 99ms
89ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e14b8c01aac1fdb51cdb.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e09ab61c035948a8d070b553578b21fdb74e1c25b473d58cb08eb6e264d40383

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: skO9IuYr3rbb0yOygN_Snw8O3yQDOqHo
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:08 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 93
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"12729470db7f7d594a19697cb023e4f8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: bsLpPkH3pX4Lf4xGOxMCXUlu8Ma4m-370j-ehbU5eL03_k7KjRufPA==

GET
H2 200 80bae9c390090021a0f1.js Show response
dashboard.sezzle.com/customer/ 169 KB
55 KB 63ms
53ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/80bae9c390090021a0f1.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

522f4862985232d255f9d661c224d3a310edd3e83670b1029f8638da4d80476c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: CGrDT5tMQWXZmfCY4ywFwmgvWa8oaZWt
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:57 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 744
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:53 GMT
etag: W/"a29c68cfc03011d191c67a36a47e3c6c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: gV9TWb--JUCaGg6uZT8GHl3Iuoo6lhrEDE74dW-8j48kD9kB1dMXcA==

GET
H2 200 e02d3d5a53be08d3964e.js Show response
dashboard.sezzle.com/customer/ 30 KB
16 KB 62ms
53ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e02d3d5a53be08d3964e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5be2771ae885644411528cd0eff321fa2df56889ed0fb37cfeb71fc84ac2baa8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: tzxTHWl_WZUsaWE7TNHtG_mI.DPVqa0v
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"695895a7f31ff3beb7d8f1925bdb882a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 1dU8lqRkQHKqM-IeiPQf0PzWVpTfSdU3d-iM86EpzEn77v1-bRj_Pw==

GET
H2 200 be3a9a570e455b866bd5.js Show response
dashboard.sezzle.com/customer/ 13 KB
6 KB 56ms
46ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/be3a9a570e455b866bd5.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2200f3c67de233a0b257972a6223ea86343fb8426031e631859303a9895224d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: SlhLHmW2ZCmvXmYXaZc_VguCwpYA.5tf
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:08 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"e622c88365d8fa13ade95e934bf9738e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: hgRU0y-u2BE5y8wLUlJYUotIRgTinFD0f28NedKZwQbcsH4a0xYrcA==

GET
H2 200 c0bec519dabc8742bd4f.js Show response
dashboard.sezzle.com/customer/ 14 KB
8 KB 57ms
48ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/c0bec519dabc8742bd4f.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a7c453718fea99e535a377917aec9379f61328d3eff5abc0d25db573e849557c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: QCYGIxT9tX5Bqoh3jalQXqshVWNRA20j
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"ff4e9b15c2aebd913ef9967f8e5c58a3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: XFwDMUA0MVlWxVhf8vrGx1iM7gfa6beBKGiUxhW_ceszbR8dRHsJsQ==

GET
H2 200 269f6ffb02ae81790952.js Show response
dashboard.sezzle.com/customer/ 58 KB
20 KB 145ms
136ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/269f6ffb02ae81790952.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f4e05073510b39d06591481757c398473fa94eb47bd1ced0c3cbe6e149ff5475

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8njI8y0aeS85VYZnnaLge_QjxNSUeIgH
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:57 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 702
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:46 GMT
etag: W/"b896b0503f2af94aeef289aeeb816a23"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: vN4c3FDcIVoAPmHjnlCfvKTNOwzqRt28boQmaqCbsyaSjacJtwECzw==

GET
H2 200 a161e2cc720d54eb9c15.js Show response
dashboard.sezzle.com/customer/ 12 KB
7 KB 146ms
137ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a161e2cc720d54eb9c15.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6b47c4528dcccce6b16e72adbcc0fb9c1eaf2ad30d2e5c65f4dcaad6377b04a7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: atbTqKc6CaUaGSNhFxYfJlmVvD5gpVfX
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:08 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"0b1ea5c6dd19367cef04446a81274a15"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ioQn4nPIp_aScy0unEsd5x-OsuSmAOefvITxYMQvMxep-PLvKaWv2g==

GET
H2 200 1f21e1d5495b0d2fbb0d.js Show response
dashboard.sezzle.com/customer/ 49 KB
23 KB 167ms
158ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1f21e1d5495b0d2fbb0d.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

30c0009c5fddde62a1312b7ebf91622755c72e55889b58e83a60c6efe120cba3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: _Olq_FJVo2.m0ayWYbpH9OpitmW6VeUd
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:57 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 702
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:45 GMT
etag: W/"e1ad74a558591ec6da2f48ebaec8619c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: K5g6eYhCL4Mc7OshZadTQcyzNpzNy06BuzFdP3if_5OBMlzb-zKlaw==

GET
H2 200 dba21c409767f4c222d0.js Show response
dashboard.sezzle.com/customer/ 15 KB
9 KB 147ms
138ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dba21c409767f4c222d0.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ec02ac96296c32840cd7a4359fc49197d31a7a847c05abd3ac60dd4b23cc3834

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: PUd53P9Nr5E2crl5sHjycWeatPxBjYTT
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:08 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"71a283f0bd09929420eb42c943d2aee0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 1ygzsHOm3HYUV-BxPZUUWId_p7B6XAHSiH0fdUhPk0Lkx0LZQ8LpdA==

GET
H2 200 d34ed654a54c7f7c2879.js Show response
dashboard.sezzle.com/customer/ 45 KB
20 KB 150ms
142ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d34ed654a54c7f7c2879.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

70cf755a9663f67a8407b0f8ed1d1d6de28e9f5f50a395e451a9e4a5497a7e71

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Rs9iE4KW9cOW_h9RTpbEN50Yd7xhwhjk
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:57 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 702
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"372139d2b2cf8f6907452a839ce3ce7d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: gYb-GzcKJQ1j9NNK0agthXMPQh7LU1549RQKCkc4R5BTuh4E_AHf5g==

GET
H2 200 cf61b0190262999540fc.js Show response
dashboard.sezzle.com/customer/ 32 KB
15 KB 147ms
139ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/cf61b0190262999540fc.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b017f2e22c74ff6408933a62a1e454cc24563cc931c09fc1c261418fc3a82fae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: wW1i1iwLWjiSYb4qCaegcIObeoammVkB
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:57 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 702
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"3ef2bebf8f0a6c92cf04e08f9be94d7c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: iYHEQpK0qQD3BDboZeWtlX3ELSIgS9HztiUHJK1QjrOtOMsDGyIK5w==

GET
H2 200 294199fb500e225f76d1.js Show response
dashboard.sezzle.com/customer/ 26 KB
13 KB 145ms
137ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/294199fb500e225f76d1.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

aa1a6951dc4df4b6dea414a5b29566a4e12a49c75c41d82884c622d4a0f08ce1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Ecrbt2ZhfxM0uZV0g97PH3bEYPTNJ9ao
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:57 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 702
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:46 GMT
etag: W/"c30a3cad191b1adab2709c5df908b663"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: VdXkPfmw9N6_UB-4FEXvmKcoAAEWtd9_tC64WSuXjyahI2tK0DvrSw==

GET
H2 200 ba48324d348fdfd3de19.js Show response
dashboard.sezzle.com/customer/ 2 KB
3 KB 148ms
140ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ba48324d348fdfd3de19.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3c6741fe10b253685afecc25951dd7f312f188770982f10901e3a4489212a639

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: AbL92JvFgw6YXebEXWiQXJ0FwS6zAZH0
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:08 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"8246c443fd9c0ef91e582d500b6a2073"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: zv9VCNh34Z1Zs_mcoB3t0JOVbUByEwyqeBpY5s4rqc4Gn-js4EUZJA==

GET
H2 200 20b8c23fb6af2dd22732.js Show response
dashboard.sezzle.com/customer/ 39 KB
16 KB 147ms
139ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e8832ef92b7c679b99ad1695c612794844de77eee72b110d0ead766e3f47c043

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: jmtSc3ffDE8mlyZca.efCNz_8mnyeC1S
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:08 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:45 GMT
etag: W/"d3457e3bb1fbbee2ae7c7fb50e75a2f2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: tyRD289QzJKQOBPOveR7665H0qvbADSK7jZQ_VekNTQtvswiJGNkjA==

GET
H2 200 16c09ace82ff2dfc6fec.js Show response
dashboard.sezzle.com/customer/ 54 KB
21 KB 150ms
142ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/16c09ace82ff2dfc6fec.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

10ce24690b94192c854b02d32a9e4bf4a35cc0e00ca13d93837dff6a583ea6b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: dSpdBiiiQxvHPKcyIRJg1sTCEArwqml.
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:08 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:44 GMT
etag: W/"9b95e5a5bdc30a0d8170ec5d7a544ba4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: -V8AsiO2QCoH-QLhkO7RxXRbt4OiNq3LfLfhXKbrHOhuoHOoXunqYg==

GET
H2 200 39cfd9d68f2c9f4567f8.js Show response
dashboard.sezzle.com/customer/ 56 KB
23 KB 148ms
141ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/39cfd9d68f2c9f4567f8.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e7d3d6094a85458cd7c2b83f4b41677cadfe0283b9a2551ea5da7ecb449688f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 43kDaC36swPoGFG1Bq9ohzBbcjAIS9DT
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:57 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 702
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"5eb33a0c23ca4bd605c4c20245873d60"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: BGUKh-Qn9TFUEViVJt2DW1TNPcYeAxXHsWNA0Bdmc62LR7QFf11kAw==

GET
H2 200 71b702d49c2543430041.js Show response
dashboard.sezzle.com/customer/ 95 KB
35 KB 150ms
143ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/71b702d49c2543430041.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b04eaaa229821580ca4cc2e060618662115df97cb30f3304fbd5df9fda4d132b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 5qNlpvcnHe.Rvz7sSTpknXEVYTXb1CF0
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:57 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 702
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:52 GMT
etag: W/"722d15a0ce497fdd562a3e13734b1204"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 1eszMJYFgueyLJPnw4ojYqgEjXWVFBv-6c_Ait3zv8e3B1ve5HMseA==

GET
H2 200 5996d3e883a29e8c4b40.js Show response
dashboard.sezzle.com/customer/ 54 KB
22 KB 163ms
156ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5996d3e883a29e8c4b40.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

21db081eb7ac1b20e84ea055a3098a8e6c31cb6b6289b904f9bf097fe4519326

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: cbacPRf5EQU8gL1MzsDeirBtryLe7Gi.
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:50 GMT
etag: W/"1168ace9b755fdaa31bee8fa950c8422"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: j-yOTKxq2KLYMP9D4Ve08Oo-hF9E9hM0HTgVRntNZwWX6f6zJrSu3g==

GET
H2 200 7de6f906968d01481560.js Show response
dashboard.sezzle.com/customer/ 36 KB
14 KB 150ms
144ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7de6f906968d01481560.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

712a5571b1b8edc58a10b34458498bff2e659c2f8308eaa58a14762a075d96a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: BinHPoZ6KRq2I_6X3kmirW1j4gbfMICp
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:08 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:53 GMT
etag: W/"5cebdcfb449473308d6f20cd34547d2e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: vlvYi7vUR1aTw1kA6sOEyzytFkU0uA5bGLgMu2r41edH-qyblns5nQ==

GET
H2 200 61579f7936eb81e43928.js Show response
dashboard.sezzle.com/customer/ 16 KB
9 KB 153ms
146ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/61579f7936eb81e43928.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8263c8b639e7c85ac4ea3ae79c66121998435e6e49bf2c49c3f4afa836d2f192

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NkFIxVj_0LbUZ5LbtEaj52sRflj0Sy9V
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:08 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:51 GMT
etag: W/"2263b54c2a6f363537fc3062ae60d537"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: EEs0wRgHbcVMCwsmsqO1MA45kWrkpdrUWdxtvA7-0UfUfLs-YbyGKQ==

GET
H2 200 d179d030bcec3ad1bc79.js Show response
dashboard.sezzle.com/customer/ 42 KB
16 KB 156ms
150ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d179d030bcec3ad1bc79.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1c4208a296b92abe95b24fd6e2c668374088d990f3d14e2d13e09f3b63aadc82

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 65V6NFRHtmqNKNCHaRGfeTFujxsBP_Pn
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"38d0002465c17efa1cd33cd87389c560"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: jT9dg5IGwLvUbldBc3Tz8BZx32NBlEC0REtNmAMH0pszXit-1kvOqQ==

GET
H2 200 84508b0119db4b8d89d8.js Show response
dashboard.sezzle.com/customer/ 16 KB
8 KB 152ms
145ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/84508b0119db4b8d89d8.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1cd32fb1f680b7247e502ea79611b4a675e34a64d1ee455f24fd89d8c3e286ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: RPy6zaUmprB412gnjS_10FZQy0pC8Ems
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:57 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 702
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"4ad5d7ff4221ec1e4ca63535a6b2861e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: YYbWRUcuBsixA0H698keil15fFZn5Fygi6nOU1BlNHZjqDn1dhXy5A==

GET
H2 200 bc6c40607186b8123b82.js Show response
dashboard.sezzle.com/customer/ 41 KB
18 KB 162ms
156ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/bc6c40607186b8123b82.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c39058bfaa5ffdf7f9a21f544743bfcb96baccd342f92ebe7664b6e9f505f84b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: _0TnO3RTLi50ISORq7dP4qgAZXc89S4F
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"e9df12476a87375f0aee34c45d92b89e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: wt1FiAEEaViTs-ou8bvW4A3qr1t5g33wY9stpR__Y3fd-2RfHMi1-A==

GET
H2 200 aba9eafb2237225c0091.js Show response
dashboard.sezzle.com/customer/ 21 KB
10 KB 150ms
144ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/aba9eafb2237225c0091.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

80c822353f44990f2c89c8e88754abaef869bfef375afbf92a9ec209887a1418

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: ZOCUyibRBS22fO6emuL.KNIByCVMRo7y
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:57 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 702
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"69e7e26cd161eaa61d2cbf7533fb3795"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 2_3912zwdfZpbRtuBaxI0WgzK6Val69qfegXRz1igzP0qamSydU1mQ==

GET
H2 200 328af461014385e1d630.js Show response
dashboard.sezzle.com/customer/ 116 KB
47 KB 157ms
151ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/328af461014385e1d630.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ead5b9fd461259ad8feecfa206da49d19745aa2a5851c47196e5f1baa7c1a1e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: _MXRjKoFV3q9eSLnMjMYsxm5MuEOYKT_
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"3e82368cce7f44c2deb21dae9eca8110"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Y_Lwi955A-_X6wuKXT_DbqcXD5rGPNkRs4qE0UdvdVNBEbiiZLwi1A==

GET
H2 200 f49abfd21510e98e3b38.js Show response
dashboard.sezzle.com/customer/ 12 KB
7 KB 163ms
157ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/f49abfd21510e98e3b38.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

943481c948de51e84c1712ce886e09055eceb6507c2ec8232bae851f13347061

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: oRIAkTSD8lLGVXulORqSEXqCdu3g7_Wr
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:04 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 627
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:59 GMT
etag: W/"730b1a2493c00d17667ea85a514e2c30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 1aoB0uB1NRNZZCEOS_6h9u7663cG7PIxgikSyu5qD78JrBMvVof2ow==

GET
H2 200 4194987c16fe56cf15b0.js Show response
dashboard.sezzle.com/customer/ 32 KB
17 KB 150ms
145ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d6f63bec05ca61b82d4a5214252768ace6f439cfedff92d6709167fad01a49d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: JU6Cj8ghwVK0Z2pI7TN0ivkFSPmALb3X
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:04 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 551
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:48 GMT
etag: W/"0bd91b5148ec59c9333e41278a4e9d2a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: PFqI6H-DcrWqpbbJdnHbVwTiGyHGfWes3Wzi-Iv0i-I9XnFF2XUbIA==

GET
H2 200 0c0b11036ab99da64633.js Show response
dashboard.sezzle.com/customer/ 18 KB
9 KB 199ms
194ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

59384dd8611f360e5171a55c292a0366aee82216b97b69926b53c0d363d6f4e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8kpUisd.QzBsXeIg9RMnq93tSJzb4rrr
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:08 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"47fa2fb58d7588410598540acbcacb55"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: n0ef16xSTnVD4vrfrCSVOmCWUlm2-kKbNVPSPhLtQBLDteVxEox0_w==

GET
H2 200 3964e75922de7d163aa6.js Show response
dashboard.sezzle.com/customer/ 51 KB
22 KB 163ms
159ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3964e75922de7d163aa6.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

323289ac51092c7452652cac984addad19c087599ddad6047680cc450737bf7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 0v_5beta03TsEZMG9Ta7G6o_W6QvlAtA
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:08 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 93
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"1d1e68a5d66ada9f8becb9866ed46447"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 00D-BEclbjbafVdJa-inEZmGEZNWzhoAi5fNX6mEfMMJCXxmwx4SlQ==

GET
H2 200 6764fe5af3546fce4b6d.js Show response
dashboard.sezzle.com/customer/ 75 KB
31 KB 158ms
153ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6764fe5af3546fce4b6d.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

513e2e658ba33541f5efd67ff78f097c3b657accbe74128ae8723cd5f9ca139e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 0o9TGy19DuJ3Y9CRPCN8fvA251PHdALI
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:57 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 702
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:51 GMT
etag: W/"6ebcc518518edc21122366a6670813ed"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: QZqvaV54bmvpxrssmt6RvoL1iRFwg2HDRJKVar9TZttGZ7c8C7t-1g==

GET
H2 200 3462078edaa459035f59.js Show response
dashboard.sezzle.com/customer/ 139 KB
45 KB 151ms
147ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3462078edaa459035f59.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b67c43dec3a99d3df3014b752c42a7902451392ef9926add891e50e6332c1e24

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 6nw8WlWwel5RvFX2CZu1h_kvPawifZk2
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 93
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"11552ee69cc05216f8c9e6e3c4af9fd1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: PlUN2keX--fQ4RE0cmJcj3HJ5_63-hHYbp2FuEYj_zHiL36c2KflgA==

GET
H2 200 0e9757d9ff6b94c34dde.js Show response
dashboard.sezzle.com/customer/ 34 KB
17 KB 156ms
152ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0e9757d9ff6b94c34dde.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ebdd1fff11eb822d2c2a11ebdd646b5d4fbcc7c0b420380c9e252cffd8936772

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: GbMsF8xpHvjfC10p9ZBlZE8M4vdodpFt
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:57 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 702
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"006fd4bb37401463eef8eacf9d8c0776"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: t1PdfD7teuqHfw0L_CxInixtkOgpJC5orXqO5KWC4avkc_OB-6yKWg==

GET
H2 200 e6a9154d373e57975b80.js Show response
dashboard.sezzle.com/customer/ 124 KB
35 KB 155ms
151ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e6a9154d373e57975b80.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

21659c4eb8d562932783c9df9d9f84c463374874b3c4337dfa8da2f26a52d0e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: nq7LFrNQUGXJvzTbeEUDXzcAnj2sam3m
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:08 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 93
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:59 GMT
etag: W/"f150d826714ea4730a7765319708b45b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: I_SLd4yv5Gw5oCYZ9F-iXY56cxw-mc_fBRUz_C0dfP17hmu4hy9Qzg==

GET
H2 200 822f616256e8d4f786ae.js Show response
dashboard.sezzle.com/customer/ 219 KB
61 KB 159ms
155ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/822f616256e8d4f786ae.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

40119ccc2391549e35936f246cb1d00aa80af10b043d8921707aa4b8f8794593

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: .n34wSNMbslHs2lGPsz25wRB0Eg2gtwb
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:57 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 744
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"87acb017535b42018ff641bf20f44adc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 7yQZ7aFIcbkoV8Z5wsMyqFdhQYh428x5CD6XCHKTL0PxYfF4lsqcLg==

GET
H2 200 3166a49e08d388802b5e.js Show response
dashboard.sezzle.com/customer/ 12 KB
7 KB 157ms
154ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3166a49e08d388802b5e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

673f89dc34eceb6222ee6e1bbc98234b8f4c732b2e9b9b53c9997604f53c818f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: qwaUdRxB6iEuh0egRpy1movJkOGCPFtH
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:46 GMT
etag: W/"451635eba560a4f045ac3961ed1d5d8f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 50O15nMG_C-p82nuxKYtoGSNP3AJumI96Hu5xw9lDuNcMzgFPm78OQ==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 113ms
49ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:39 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ATPJN2BBRNAVEP8C
age: 15
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: yZSnXp5joC1jEUcdstI6JJxXe+57NDQVrgC8bP2Gtlxd0OKsnfmbb0FPfdOCVjDBGs07rFDX82g=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSvmJQtiMy%2BnaKUXWxYsxVtIWoia7mwV5xSDGx0L5yFQ%2FpQ%2BZFdxexxlLjIKaHPpyCgvw7566CYjKzVciHKmACpMQL%2By7rX31zsMwnk0poLHGJtRgFWiKpqDcs2B%2B9ycLkerUnI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 85f58bf16d177115-YYZ
access-control-allow-headers: *

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 151ms
45ms Script
application/javascript 2600:1408:ec00:1f::1735:23ca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:ec00:1f::1735:23ca Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 23:11:39 GMT
Content-Encoding: gzip
x-amz-request-id: VPCP98F3K3N7Y0S8
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 11792
x-amz-id-2: J0ehP83iGtFhFDzx9znFBbdK81DLNN3txzQUDzGLeFDByel0pX1qQacK6amhO9VxDmxquql6M8o=
Last-Modified: Wed, 14 Jun 2023 06:58:45 GMT
Server: AmazonS3
ETag: "5a676288bcea03bd05e483bc4ce066ae"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1579
Accept-Ranges: bytes
X-DataStream-Cache-Status: 1
Expires: Mon, 04 Mar 2024 23:37:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 316 KB
101 KB 125ms
55ms Script
application/javascript 2607:f8b0:4004:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b0b0926dfec435f28f7ad3dadf081db25a48281a0871e60838f132283d14887

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102624
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 22:20:42 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Mar 2024 23:11:39 GMT

GET
H2 200 A4960984-1d8a-4877-8732-da02a6e830751.js Show response
utt.impactcdn.com/ 33 KB
14 KB 136ms
40ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://utt.impactcdn.com/A4960984-1d8a-4877-8732-da02a6e830751.js
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 17bc25971fe2456cb6aac9a74191383b037ec64f700d1b48e8db5f3419bce615

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:08:53 GMT
content-encoding: gzip
age: 166
x-guploader-uploadid: ABPtcPoTMFB6CRiUruWo-YoOQzRsQ8qqjqguGy5uWtZp0R0JM90cMofRc2zN7BI8bogafR_oOlE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13572
last-modified: Thu, 29 Feb 2024 22:40:42 GMT
server: UploadServer
etag: "4a348ce75121a8e6aebfe2e002da9d08"
vary: Accept-Encoding
x-goog-generation: 1709246442676682
x-goog-hash: crc32c=68nVtA==, md5=SjSM51EhqOauv+LgAtqdCA==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13572
accept-ranges: bytes
expires: Mon, 04 Mar 2024 23:13:53 GMT

GET
H2 200 f5e28690-e3b9-4eab-8d64-51d4051e7e96 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 239ms
122ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/f5e28690-e3b9-4eab-8d64-51d4051e7e96

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42059c83cda49bdd4a9f75a40de405486d3c6189a75ec735079082e581736d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 85b44d2258f34414-SEA, 85b44d2258f34414-SEA
x-runtime: 0.014007
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"42059c83cda49bdd4a9f75a40de40548"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRKtXulwboIDrbPPwgTkYqRHGgNx35ahXciNiJq22p70mpkZDRf%2BqTDorVex9Sq2xkTa%2FUa3wHoiSBxdmw5LashlJPQiziyUMWVG8izx%2FP6z2o5RWsuWrWB%2BqhP2GP%2B1970%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 85f58bf27bc8a232-YYZ

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 669 KB
118 KB 55ms
46ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=e6012efc1e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6012efc1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 8212777
etag: "6568c5a0-1d52d"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85f58bf25a54236a-EWR
content-length: 120109

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 27 KB
4 KB 88ms
79ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-shims.min.css?token=e6012efc1e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6012efc1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3cf99ce39e5fc49169454f5639b5341dba747f16e3d01a5b9ebf50792e9a1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
age: 8212777
etag: "6568c59f-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85f58bf25a4f236a-EWR
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 50 KB
7 KB 88ms
79ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=e6012efc1e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6012efc1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 8212777
etag: "6568c5a0-1c12"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85f58bf25a53236a-EWR
content-length: 7186

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 7 KB
2 KB 53ms
45ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-font-face.min.css?token=e6012efc1e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6012efc1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58f2ed3e8753b14d9456de59f7a58f5089c81d1ce6691d80bbd4e58f145ffd2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
age: 8180561
etag: "6568c59f-6c5"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85f58bf25a55236a-EWR
content-length: 1733

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/e6012efc1e/81665541/ 0
141 B 42ms
42ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/e6012efc1e/81665541/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6012efc1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:39 GMT
cf-cache-status: HIT
age: 141110
content-length: 0
x-request-id: F7kyQS8mEj6UWmIu20Sh
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 85f58bf24a3f236a-EWR
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

OPTIONS
H2 204 create-session
api.sezzle.com/v1/event/ Frame 0
0 314ms
93ms Preflight 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-session

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client,x-sezzleinc-trk-id
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Content-Type,Access-Control-Allow-Credentials,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,*
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Mon, 04 Mar 2024 23:11:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

PUT
H2 204 create-session Show response
api.sezzle.com/v1/event/ 0
796 B 300ms
114ms XHR
text/plain 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-session

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/269f6ffb02ae81790952.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
X-SezzleInc-Trk-ID: 09101a8a-7cd7-418b-97f9-bde674be1c8c
Content-Type: application/json

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 252 KB
69 KB 154ms
39ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:00:51 GMT
content-encoding: br
age: 649
x-guploader-uploadid: ABPtcPrHv_ZJj9qqSU0mjDT4ZtP36GzMwuiFg84Om1xtO74-RE_Ir7Yog8x3ygs0-jO0ikWxQtAkyJLH8A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70374
last-modified: Thu, 22 Feb 2024 14:57:06 GMT
server: UploadServer
etag: "f14fadd940a61b9217c00dafdcacd622"
vary: Accept-Encoding
x-goog-generation: 1708613826115878
x-goog-hash: crc32c=RzMU9Q==, md5=8U+t2UCmG5IXwA2v3KzWIg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70374
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 05 Mar 2024 00:00:51 GMT

HEAD
H2 204 version Show response
api.sezzle.com/v3/metrics/ 0
898 B 246ms
95ms XHR
text/plain 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v3/metrics/version?app=sezzle-customer-dashboard&version=e71e2d4a497b773708f6911c38dca6cf9dd6c246

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/e6a9154d373e57975b80.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

POST
H2 200 / Show response
o215203.ingest.sentry.io/api/1367589/envelope/ 2 B
324 B 132ms
60ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o215203.ingest.sentry.io/api/1367589/envelope/?sentry_key=e246447fd006401c9579df5fec058052&sentry_version=7&sentry_client=sentry.javascript.react%2F7.48.0

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 b00093d2fa1313225ae0.chunk.js
dashboard.sezzle.com/customer/ 0
3 KB 36ms
36ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b00093d2fa1313225ae0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: x5TDTLUCr2cqIXvEqFFzBoBANPWT83Cz
content-encoding: gzip
date: Mon, 04 Mar 2024 23:01:49 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 591
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"c5f6fbaa69aefab9a350b4c5aa16a77f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: DDBs049wrFwZblRkP3vQ-ikeWd1-0x1xDso719k_ac4v-MtHiyXehw==

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/ 345 B
424 B 56ms
54ms Fetch
application/json 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/webConfig

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58db900dd31e630f1cd80ff2bb7a0e31d93f6befe06f2d8c715078fafc316bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://dashboard.sezzle.com/
x-goog-api-key: AIzaSyAvS0AT-uFIXu8Wr3uYOZJNlKBL_Yb81N0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/ Frame 0
0 122ms
45ms Preflight
text/html 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 04 Mar 2024 23:11:40 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 af72798dd6b803099f04.chunk.js Show response
dashboard.sezzle.com/customer/ 212 KB
57 KB 42ms
42ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/af72798dd6b803099f04.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3cf234b43fbf4004be8de7f21bf3ef6805c6098e26b6b7df7b032b215a15686f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: H9QPCHRja8lI31HgVhezpLLp2xSgqO_9
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:59 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 745
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"409713a8ad7ef01c9e29da1276efbd95"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: TsuNukEJgXHkVMXGglJgZigCoGm0MH6G--gkIKeEjGWbk_FGYGuP_w==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
94 KB 44ms
43ms Script
application/javascript 2607:f8b0:4004:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebb7b7c8a04f9362c4e0c0fac00524063d95fc3f7be7e25ccf028a06aee3659f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95736
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Mar 2024 23:11:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
94 KB 70ms
70ms Script
application/javascript 2607:f8b0:4004:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df178f4d26b40d71cb798f6c3ab847daa25030397c8036a74fef14919f04710b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95741
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Mar 2024 23:11:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 102ms
35ms Script
text/javascript 2607:f8b0:4004:c17::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Mar 2024 23:01:33 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 607
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Mar 2024 01:01:33 GMT

GET
H2 200 web-widget-main-4793dd1.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 1C04 435 KB
138 KB 56ms
55ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09a5e4486967e411d4a219438a2730710c4e5246ea881d4d752236702b04bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
x-amz-version-id: jcnj1kjcj8PaYD1ke2zbYExznh.Bn8v.
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PG8G0SEN4Y8AGA93
age: 437860
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: XXh/46OSh+jULrbHqnMTsxa30OK592yDtdQ23XZ3sks7tN2/eWE6NkAf2A96A3z7pH1kmUrs9OA=
last-modified: Fri, 23 Feb 2024 00:32:27 GMT
server: cloudflare
etag: W/"280d3830e83c392fd0deeea5952d4970"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jYHOObRviYbZxKW32lHIB45MYNxolMCJEPufbE035czXft9U8WdeFbRiwdoN%2F6W2jkdoaeAhxAYMfx4RvS0qwHkYsQ6I0c%2FeCXSoV0FPon%2BaBORwP019ErxAjuulZnrPQqRX%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 85f58bf469c37115-YYZ
access-control-allow-headers: *
expires: Sat, 22 Feb 2025 00:32:26 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
257 B 107ms
43ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=45je42t1v886187776z8810595113za200&_p=1709593899656&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1315921896.1709593900&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1709593900&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Forders&dt=Sezzle%20Customer%20Dashboard&en=page_view&_fv=1&_nsi=1&_ss=1&ep.cookieDomain=auto&tfd=1182
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 23:11:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 110ms
41ms Ping
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1MJLY6RLKW&cid=1315921896.1709593900&gtm=45je42t1v886187776z8810595113za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 23:11:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 86ms
43ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=45je42t1v886187776z8810595113za200&_p=1709593899656&gcd=13l3l3l3l1&npa=0&dma=0&cid=1315921896.1709593900&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=2&sid=1709593900&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Forders&dt=Sezzle%20Customer%20Dashboard&en=Clicks&ep.cookieDomain=auto&_et=3&tfd=1203
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 23:11:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Satoshi-Regular.woff
fonts.cdnfonts.com/s/85546/ 30 KB
31 KB 109ms
40ms Font
font/woff 2606:4700:e0::ac40:6206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/85546/Satoshi-Regular.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/satoshi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1336bbfa75986307337a296928312163d7532f985f0ea50b80da0df0fb143be1

Request headers

Referer: https://fonts.cdnfonts.com/css/satoshi
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9737500
alt-svc: h3=":443"; ma=86400
content-length: 30876
last-modified: Thu, 21 Jul 2022 09:05:41 GMT
server: cloudflare
etag: "789c-5e44d05a18ca4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtxMAH2NaziMafYsfgeygFsvNEDQt6do6UdNhjwFS8c37qJ76Zek1VJ0fi955elRFvcYgSi388cEl4vahnRjcr1gfjra9FMNqpgqs%2FYTXWsNUb29Gv%2FEWGqCJerHs7uZ1rkjIfkIrITbZbfTbaiTKIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85f58bf5ba9878dc-EWR

GET
H2 200 web Show response
edge.fullstory.com/s/settings/13FHV/v1/ 9 KB
2 KB 40ms
39ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/13FHV/v1/web
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9dce8600c7be0ea0acdeed698a860b4f18659c3646a1c69ba9b358b8bfcf3095

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 22:58:34 GMT
content-encoding: gzip
age: 786
x-guploader-uploadid: ABPtcPo84Eaj2yweGdKFYTW7aB4PCsrXrUGhfukQFm9nQ8DJY_P_4yKBJ2WMvHWLwRepUm57vBc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1950
last-modified: Mon, 04 Mar 2024 22:54:10 GMT
server: UploadServer
etag: "21d8f4fa9a2bd8ed8c63ddb0649705f5"
x-goog-generation: 1709592849934526
x-goog-hash: crc32c=+llMzw==, md5=Idj0+por2O2MY92wZJcF9Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1950
accept-ranges: bytes
content-type: application/json
expires: Mon, 04 Mar 2024 23:13:34 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 41ms
41ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=45je42t1v886187776za200&_p=1709593899656&gcd=13l3l3l3l1&npa=0&dma=0&cid=1315921896.1709593900&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EEA&_s=3&sid=1709593900&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Forders&dt=Sezzle%20Customer%20Dashboard&en=scroll&ep.cookieDomain=auto&epn.percent_scrolled=90&_et=5&tfd=1341
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 23:11:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 41ms
41ms XHR
text/plain 2607:f8b0:4004:c17::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1064630517&t=pageview&_s=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Forders&dp=%2Fcustomer%2Forders&ul=en-us&de=UTF-8&dt=Sezzle%20Customer%20Dashboard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1229178189&gjid=509563601&cid=1315921896.1709593900&tid=UA-72079130-32&_gid=1510933056.1709593900&_r=1&_slc=1&gtm=45He42t1n81MX2HJWMv810595113za200&gcd=13l3l3l3l1&dma=0&z=81885888

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 23:11:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-us-json-4793dd1.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 1C04 18 KB
4 KB 41ms
40ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-4793dd1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e4de7dae6b934307dd05a7c6f00b6c2403f421a17a60d15a75bb53f3653ce8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
x-amz-version-id: 3VQfA4qSBCBhhmnYiBbVeOG5srY1LlDx
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PG8GQ5V98GH91HCA
age: 451222
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: /4DcIzMQKrCxUd10y/sZTuH1JAON8OyMKxnUAmsO751Z6X2KmTk9End31Gb5qWsL0d2E9+TkIcI=
last-modified: Fri, 23 Feb 2024 00:32:29 GMT
server: cloudflare
etag: W/"3803146b29f5b93bbbdb9c51ef603316"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeoXO7HPHQ3BfInui%2F7El5yANLjoYTcObRgEPBKfVM7t5txyKqZMyvJj87tjAfpI1vSpyyJ7rgGo1JGcCz%2Fr1C3%2FnghageZWZP0Jg4B7prGou9noo4HCot%2FuNItttePGlcPxV9U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 85f58bf61c5e7115-YYZ
access-control-allow-headers: *
expires: Sat, 22 Feb 2025 00:32:28 GMT

GET
H2 200 web-widget-4852-4793dd1.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 1C04 139 KB
47 KB 40ms
39ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4793dd1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
x-amz-version-id: aQiQjumAcU6hhLiwTD.s7Ap8M.NwGc8a
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PG8VH2Z4H04JCZHK
age: 451222
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: xZo+7AA6vawEj36E7esCOSj/3Ul+5LbEM4vcQ951SZwYV9RUJkYx/8hvcz20c3JsNYmbAmQJxJE=
last-modified: Fri, 23 Feb 2024 00:32:27 GMT
server: cloudflare
etag: W/"ea51d3eb674c1f286144bbe26ba05c86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGx5yWZl7a6BscIRqNKIKF3%2FPUi3U0jTPMouCbGLiwmXQigfVhWkpaYCVxpiq2Frj79ecBDPcLN%2FiXQrjbEWwSXHT9nfPxQ6N0%2BceWtustbZjsTdNCXwCsd7zGf9YPT4qEIfIcU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 85f58bf61c5f7115-YYZ
access-control-allow-headers: *
expires: Sat, 22 Feb 2025 00:32:26 GMT

GET
H2 200 web-widget-1327-4793dd1.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 1C04 18 KB
6 KB 46ms
45ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-1327-4793dd1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
x-amz-version-id: rNdj49g0SrdbSjbLcgTYmFN5MiTjWsEB
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 6XP1GVDDA98PJEVX
age: 442324
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Qo2fVl1OZPsTZ+4IFuPA4Nc+SP8qeqh9aqRgjnIxP60oNCqY/6LjOpviLXjSFhwUNxhkjtTVrWg=
last-modified: Fri, 23 Feb 2024 00:32:27 GMT
server: cloudflare
etag: W/"bd26f2d30e94f25a4a0b875c335aca6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGAfO8%2FV706zHOqOKI9ItErO3FI8QLbwlDge4gl8zA3w5c7yLVCvVUmRyONvBq%2Bfa%2B4ph8910hwTAgDTVMUKOVy0AZWnCOoZdU4tpqdReud34QBVAi%2Ffto7OD80LK%2FxXCzWr2v4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 85f58bf61c657115-YYZ
access-control-allow-headers: *
expires: Sat, 22 Feb 2025 00:32:26 GMT

GET
H2 200 web-widget-5178-4793dd1.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 1C04 24 KB
7 KB 42ms
41ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-4793dd1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c0d0133f0c4de69506db43902173fb3e04ca467c2e4f03453247a544fe7c122

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
x-amz-version-id: 2DBAxMX42P71DKqyPTgYVK1ZnjlCKoxU
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PG8GQN515HPTABC5
age: 442325
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: NIL+JyxEfqX7zdBrWWBkf1rOdLS1xTTWoLt4KDhCXTH+Unji1QWKsgLY0yOqWbTqUZvVdY7Td50=
last-modified: Fri, 23 Feb 2024 00:32:27 GMT
server: cloudflare
etag: W/"4155d9334495aef51624739a922987ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2B1W11lnvd8LysRV3wVOi3vO%2BvmOLrPkQ2hKAKN5fbwKHlL%2Bva11lylc9TcpfDsOp%2BMNbxeOOTw8X2LXS1fGrv77MB62Sz4uYJlWDVJS41NTa3zZRI5d4jqNux3OrAqkzJvqu%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 85f58bf61c667115-YYZ
access-control-allow-headers: *
expires: Sat, 22 Feb 2025 00:32:26 GMT

GET
H2 200 web-widget-9535-4793dd1.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 1C04 15 KB
6 KB 36ms
35ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-4793dd1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aeee8d7b8f59a4332c9d10016b6d08ce58270a1ba6e5e3964e4a67ef44659a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
x-amz-version-id: JS.LbEGO9IJSXIRabslfuJ8O6PsLLOWB
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PG8JP3EXDJME00S9
age: 442325
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: fWdzKwmWHHhSUMMmroSd4O8oNVlvL/DxUyFCKjOqYjuzDxHfvgBSJ6Dm2kGAaLaxKhu6rUSAriw=
last-modified: Fri, 23 Feb 2024 00:32:27 GMT
server: cloudflare
etag: W/"dac47767d3defab30fc014d56fbe8017"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRwKynLTOc3sQ6ShG%2BYRJrFIN%2B%2F%2FEox1VWKZzc%2BnegAxBNHdBE8OUh61jUxcrgppi29Z4NRIz%2Bq%2Bm2QuKuHAL4bHFz5YoH4wsz6bgvr7VQEtYVVxE6kJ2yWP6YLvO%2FG3lAMIPmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 85f58bf61c687115-YYZ
access-control-allow-headers: *
expires: Sat, 22 Feb 2025 00:32:26 GMT

POST
H2 200 feature-flags Show response
api.sezzle.com/v2/shopper/remoteconfig/ 332 B
1 KB 96ms
95ms XHR
application/json 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v2/shopper/remoteconfig/feature-flags

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

ab36f0bc05838b97e42eee189268d7e941d8632dc360ffbee8cbec5e5592d769

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-SezzleInc-Trk-ID: 09101a8a-7cd7-418b-97f9-bde674be1c8c
Content-Type: application/json
Accept: application/json
Referer: https://dashboard.sezzle.com/
X-SezzleInc-FP: v0-934f49c4766e3d9096112884fba7af87
X-SezzleInc-Auth-Resource: dashboard

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
content-encoding: gzip
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

OPTIONS
H2 204 feature-flags
api.sezzle.com/v2/shopper/remoteconfig/ Frame 0
0 95ms
95ms Preflight 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v2/shopper/remoteconfig/feature-flags

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Host,Cookie,Set-Cookie,Accept,Origin,Authorization,Content-Type,X-Sezzleinc-Otp,X-Pin-Reset-Token,X-Nps-Token,X-Sezzleinc-Refresh-Token,Access-Control-Allow-Credentials,X-Sezzleinc-Fp,Checkoutuuid,Cache-Control,X-Sezzleinc-Checkout-Uuid,X-Sezzleinc-Auth-Resource,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,X-Sezzleinc-Mode,X-Sezzleinc-Device-Info,X-Sezzleinc-Flags,X-Sezzleinc-Auth-Version,X-Sezzleinc-Sid,Sentry-Trace,Baggage,*
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Mon, 04 Mar 2024 23:11:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 41ms
41ms XHR
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72079130-32&cid=1315921896.1709593900&jid=1229178189&gjid=509563601&_gid=1510933056.1709593900&_u=YADAAEAAAAAAACAAI~&z=93255589

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 04 Mar 2024 23:11:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 supported-countries Show response
api.sezzle.com/v3/users/ 484 B
1 KB 96ms
95ms XHR
application/json 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v3/users/supported-countries

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

664b7437f0be6a1b81d05898e82d23ead604f9c0e6e55cdc12b62517d569bda5

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json
Referer: https://dashboard.sezzle.com/
X-SezzleInc-FP: v0-934f49c4766e3d9096112884fba7af87
accept-language: en-US,en;q=0.9
X-SezzleInc-Auth-Resource: dashboard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-SezzleInc-Trk-ID: 09101a8a-7cd7-418b-97f9-bde674be1c8c

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
content-encoding: gzip
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

OPTIONS
H2 204 supported-countries
api.sezzle.com/v3/users/ Frame 0
0 95ms
94ms Preflight 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v3/users/supported-countries

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Access-Control-Request-Method: GET
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Host,Cookie,Set-Cookie,Accept,Origin,Authorization,Content-Type,X-Sezzleinc-Otp,X-Pin-Reset-Token,X-Nps-Token,X-Sezzleinc-Refresh-Token,Access-Control-Allow-Credentials,X-Sezzleinc-Fp,Checkoutuuid,Cache-Control,X-Sezzleinc-Checkout-Uuid,X-Sezzleinc-Auth-Resource,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,X-Sezzleinc-Mode,X-Sezzleinc-Device-Info,X-Sezzleinc-Flags,X-Sezzleinc-Auth-Version,X-Sezzleinc-Sid,Sentry-Trace,Baggage,*
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Mon, 04 Mar 2024 23:11:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

POST
H2 200 page Show response
rs.fullstory.com/rec/ 9 KB
2 KB 152ms
70ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: a410564b2ba34a241512258c1704c97df019b2f288fb406246c4031906f83523

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://dashboard.sezzle.com
date: Mon, 04 Mar 2024 23:11:40 GMT
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/ Frame 0
0 114ms
43ms Preflight
text/html 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 04 Mar 2024 23:11:40 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/ 625 B
678 B 111ms
110ms Fetch
application/json 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/installations

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f51a61a19edf4b6568b14a599d10eea93b6e1a0bf6752950cd3f24081a09cfb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://dashboard.sezzle.com/
x-goog-api-key: AIzaSyAvS0AT-uFIXu8Wr3uYOZJNlKBL_Yb81N0
accept-language: en-US,en;q=0.9
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMTMgZmlyZS1jb3JlLWVzbTIwMTcvMC45LjEzIGZpcmUtanMvIGZpcmUtaWlkLzAuNi40IGZpcmUtaWlkLWVzbTIwMTcvMC42LjQgZmlyZS1hbmFseXRpY3MvMC4xMC4wIGZpcmUtYW5hbHl0aWNzLWVzbTIwMTcvMC4xMC4wIGZpcmUtanMtYWxsLWFwcC85LjIzLjAiLCJkYXRlcyI6WyIyMDI0LTAzLTA0Il19XX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 488
x-xss-protection: 0

OPTIONS
H2 204 pv
sezzle.zendesk.com/frontendevents/ Frame 0
0 194ms
126ms Preflight 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 85f58bf6ff19a252-YYZ
date: Mon, 04 Mar 2024 23:11:40 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xiURbT%2FvP%2B7Ydy9EO8OKDSY7YGz%2FCj6gNJLsIH%2B5%2FGGVKN3ZVnWX8otNBGLlfA9cwO5Qa7OHb28V%2BfIHy1X%2F4CNtOREiAgyKw%2FMfpNqhhBMYBBEW3vZjh0jJ316Gn22ZQmOsw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 85f58bf6ff19a252-YYZ
x-zendesk-zorg: yes

POST
H2 200 pv
sezzle.zendesk.com/frontendevents/ Frame 1C04 0
0 106ms
105ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GGWhptl2SbxLhYzss4T0kB9fbFhtbvNWeJOcXq12HC%2BZ5k8tbPCPlepeQ1HXj2M8JATuLyKvx92aILhdO10hr8TkP%2BwpSikgeq3u%2FpRZ8fUQuepyCzuZI%2BvD%2B%2F2f7aF4KZsiw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 85f58bf7c86ba252-YYZ
content-length: 0
x-request-id: 85f58bf7c86ba252-YYZ

GET
H2 200 config Show response
sezzle.zendesk.com/embeddable/ Frame 1C04 843 B
1007 B 206ms
138ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cba4e9f49221651805083215191628bf4b784ea057552be102ec23c38cc218c6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-7b7b744477-txf84
x-cached: HIT
x-request-id: 85f58af99a3574a0-MIA
x-runtime: 0.002170
last-modified: Mon, 04 Mar 2024 23:10:27 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeV33teePg0VWqnmNHZcU1DkCG5hBsuYtuNMw9gH%2FuTLmgVIDsxEgIMqn0PTbP30xuLkhHVRk4Q%2Fo3CQFNkiBC7eEL5qzDQyqM83QmI6Hm5lEnf2BGd0m3ZTSxQ8ZbtamO1cbA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 85f58bf6ff1ba252-YYZ

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 120ms
51ms Image
image/gif 2607:f8b0:4004:c07::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-72079130-32&cid=1315921896.1709593900&jid=1229178189&_u=YADAAEAAAAAAACAAI~&z=1338117800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 23:11:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 52ms
52ms Script
application/javascript 2607:f8b0:4004:c1d::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27fef8b7c835ff3b03eac06320d32ae0ae1abc01e22dae25877394fdbef91dd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82364
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Mar 2024 23:11:40 GMT

POST
H2 401 status Show response
api.sezzle.com/v5/shopper/auth/ 24 B
972 B 95ms
94ms XHR
application/json 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v5/shopper/auth/status

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

d46df087d03f36f4057c47d5069d1cfb67714c66fd2582d84be7c549706e3af9

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-SezzleInc-Trk-ID: 09101a8a-7cd7-418b-97f9-bde674be1c8c
Content-Type: application/json
Accept: application/json
Referer: https://dashboard.sezzle.com/
X-SezzleInc-Device-Info: {"model":"","type":"","vendor":""}
X-SezzleInc-Auth-Version: 5.1
X-SezzleInc-FP: v0-ea6c37ad69531efc7826a3b4917cc2b5
X-SezzleInc-Auth-Resource: dashboard

Response headers

date: Mon, 04 Mar 2024 23:11:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
access-control-allow-credentials: true
content-length: 24
x-xss-protection: 1; mode=block;

OPTIONS
H2 204 status
api.sezzle.com/v5/shopper/auth/ Frame 0
0 96ms
95ms Preflight 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v5/shopper/auth/status

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-auth-resource,x-sezzleinc-auth-version,x-sezzleinc-device-info,x-sezzleinc-fp,x-sezzleinc-trk-id
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Host,Cookie,Set-Cookie,Accept,Origin,Authorization,Content-Type,X-Sezzleinc-Otp,X-Pin-Reset-Token,X-Nps-Token,X-Sezzleinc-Refresh-Token,Access-Control-Allow-Credentials,X-Sezzleinc-Fp,Checkoutuuid,Cache-Control,X-Sezzleinc-Checkout-Uuid,X-Sezzleinc-Auth-Resource,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,X-Sezzleinc-Mode,X-Sezzleinc-Device-Info,X-Sezzleinc-Flags,X-Sezzleinc-Auth-Version,X-Sezzleinc-Sid,Sentry-Trace,Baggage,*
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Mon, 04 Mar 2024 23:11:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame 7DE2 252 KB
69 KB 39ms
39ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9

Request headers

Referer
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:00:45 GMT
content-encoding: br
age: 655
x-guploader-uploadid: ABPtcPoX6kRWJhS-H8ZLodHavcIXYEyXlXxU41j_85P6K39gTsLT_sH5xpow5hhQfylIPu9GUT8yhpCV-g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70374
last-modified: Thu, 22 Feb 2024 14:57:06 GMT
server: UploadServer
etag: "f14fadd940a61b9217c00dafdcacd622"
vary: Accept-Encoding
x-goog-generation: 1708613826115878
x-goog-hash: crc32c=RzMU9Q==, md5=8U+t2UCmG5IXwA2v3KzWIg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70374
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 05 Mar 2024 00:00:45 GMT

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame E6FB 252 KB
69 KB 43ms
42ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9

Request headers

Referer
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:00:45 GMT
content-encoding: br
age: 655
x-guploader-uploadid: ABPtcPoX6kRWJhS-H8ZLodHavcIXYEyXlXxU41j_85P6K39gTsLT_sH5xpow5hhQfylIPu9GUT8yhpCV-g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70374
last-modified: Thu, 22 Feb 2024 14:57:06 GMT
server: UploadServer
etag: "f14fadd940a61b9217c00dafdcacd622"
vary: Accept-Encoding
x-goog-generation: 1708613826115878
x-goog-hash: crc32c=RzMU9Q==, md5=8U+t2UCmG5IXwA2v3KzWIg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70374
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 05 Mar 2024 00:00:45 GMT

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame 6769 252 KB
69 KB 57ms
56ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9

Request headers

Referer
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:00:45 GMT
content-encoding: br
age: 655
x-guploader-uploadid: ABPtcPoX6kRWJhS-H8ZLodHavcIXYEyXlXxU41j_85P6K39gTsLT_sH5xpow5hhQfylIPu9GUT8yhpCV-g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70374
last-modified: Thu, 22 Feb 2024 14:57:06 GMT
server: UploadServer
etag: "f14fadd940a61b9217c00dafdcacd622"
vary: Accept-Encoding
x-goog-generation: 1708613826115878
x-goog-hash: crc32c=RzMU9Q==, md5=8U+t2UCmG5IXwA2v3KzWIg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70374
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 05 Mar 2024 00:00:45 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 43ms
43ms Ping
text/plain 2607:f8b0:4004:c17::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FB5QYFCQBC&gtm=45je42t1v874508995za200&_p=1709593899656&gcd=13l3l3l3l1&npa=0&dma=0&_fid=eDTOGjrlTo3iVoZIkOdsE1&cid=1315921896.1709593900&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709593900&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Forders&dt=Sezzle%20Customer%20Dashboard&en=page_view&_fv=1&_ss=2&_ee=1&ep.origin=firebase&tfd=1708
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 23:11:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b00093d2fa1313225ae0.chunk.js Show response
dashboard.sezzle.com/customer/ 1 KB
3 KB 34ms
33ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b00093d2fa1313225ae0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fc02e3a556b5edb0d4dd83a33535313668619fe1cf464b32b5f1ea43d8dd6d79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: x5TDTLUCr2cqIXvEqFFzBoBANPWT83Cz
content-encoding: gzip
date: Mon, 04 Mar 2024 23:01:49 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 591
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"c5f6fbaa69aefab9a350b4c5aa16a77f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: J3xaVBZCVAA14kE8WHp2cL-MgHGlYsX5iDV0PJ9fkJ0fHs6rAcrmqQ==

OPTIONS
H2 204 create-event
api.sezzle.com/v1/event/ Frame 0
0 93ms
93ms Preflight 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client,x-sezzleinc-trk-id
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Content-Type,Access-Control-Allow-Credentials,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,*
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Mon, 04 Mar 2024 23:11:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

PUT
H2 204 create-event Show response
api.sezzle.com/v1/event/ 0
795 B 111ms
111ms XHR
text/plain 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
X-SezzleInc-Trk-ID: 09101a8a-7cd7-418b-97f9-bde674be1c8c
Content-Type: application/json

Response headers

date: Mon, 04 Mar 2024 23:11:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

GET
H2 200 client Show response
api.sezzle.com/v1/accertify/browser/ 22 KB
10 KB 101ms
101ms Script
application/javascript 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/client

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/e6a9154d373e57975b80.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

f41e2f7f52a09af4f2f4e2e8d6376210c1264ac078f8a2779f2f3485b2a4ac22

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:41 GMT
content-encoding: gzip
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront)
x-amz-meta-build-version: 202302_01
x-amz-meta-client-name: Sezzle Inc.
x-content-type-options: nosniff
x-amz-version-id: jAAK0SFQ_qqAud.1QQmzcc7DcvvECa9o
age: 2507
x-amz-cf-pop: HIO50-C1
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Hit from cloudfront
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-amz-replication-status: REPLICA
x-xss-protection: 1; mode=block;
last-modified: Wed, 05 Apr 2023 23:26:51 GMT
etag: W/"0b3f30d2c5828913f07f37e867212a52"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=600, must-revalidate, public, proxy-revalidate, s-maxage=3600
x-amz-cf-id: _-QgfrFwt1x_b0C4hY6TIkXnEeE0h_jwBMdN616X38d5fwdfDd3qww==

GET
H2 200 6ffb02663b0ab45e554e.chunk.js
dashboard.sezzle.com/customer/ 0
18 KB 47ms
32ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6ffb02663b0ab45e554e.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: LBStxJgfX33NrJqlpXmtKIDJu1Qxdqi9
content-encoding: gzip
date: Mon, 04 Mar 2024 23:05:33 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 456
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:52 GMT
etag: W/"340ed1741698d719526f81db9335c2e9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: iBjGXdJi-0c5aKxGEKSFp_Avdv-iSbZfe7TywIbdMDTDXD94YQGz9g==

GET
H2 200 09bd04621566e437c5b7.chunk.js
dashboard.sezzle.com/customer/ 0
11 KB 53ms
38ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/09bd04621566e437c5b7.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 6Ai7BqLh0OSSGYp2qk9A8GAnmued46P2
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:41 GMT
etag: W/"50a6eb86496526612b947faca7a3676b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: nXZvMCQQ0mOK1lMHM_N0AsQakn7y6MfuwZ6L28at9ZsIm2_fc7oTZQ==

GET
H2 200 dacde12873e6ff9ae37d.chunk.js
dashboard.sezzle.com/customer/ 0
4 KB 48ms
33ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dacde12873e6ff9ae37d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Sk7kKmrqoE4sLXTJ2AtZfMyFMaQ7UmrI
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"d57be1c73d725f7a218e92752420818c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ZLSct6Up2Y0yFCI56Get1Ud1k1Et5gnbEaMEMKwmX9gDXzF1Hdg_Mg==

GET
H2 200 fa3ed811783641bef592.chunk.js
dashboard.sezzle.com/customer/ 0
11 KB 48ms
33ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/fa3ed811783641bef592.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: AAfpvhhBfiZ92Z.EZ_zwGDdUzJuD2O1I
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:59 GMT
etag: W/"5a63830aff49825265e22495b363520f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 4LpIDd8YlXDB1EBSZSWUIi7V0i2TB49U507VybfIrxg1UwHMc56FwA==

GET
H2 200 af0aa6add0b350681528.chunk.js
dashboard.sezzle.com/customer/ 0
24 KB 61ms
45ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/af0aa6add0b350681528.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: MSRnwVn6fYJyPh9qA323TSw0jI31b6Ng
content-encoding: gzip
date: Mon, 04 Mar 2024 23:08:36 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 456
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"679b9f3f30fc7f3f53d4ee3a36c0e99d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: pWzOXmh3gAFKxvo4W-66vDiOUGeDmbXru9SRpKjZR9hmRnbB96ipVA==

GET
H2 200 0c2dca37325d4db72119.chunk.js
dashboard.sezzle.com/customer/ 0
12 KB 64ms
48ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0c2dca37325d4db72119.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Kf0gUX_X2u_R2L7yIYUIEh.O3vOjFrvJ
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"2b4805e641269469a8ce971c236c3fe4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: j9X6Dtv1KZ9hFrqb49M7pIs-oOmPiiOrftZOwxV4w0jX_7IUi8lhpg==

GET
H2 200 7fe40c09ac89fcc85e36.chunk.js
dashboard.sezzle.com/customer/ 0
18 KB 63ms
47ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7fe40c09ac89fcc85e36.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: whPjkdgLxZZCCiP4KyC2maLBC8L8O63W
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:53 GMT
etag: W/"99c130fea2e602895e7303d827b37c7d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: y4bfLYnrhHinThoLwiwcRHfPcnfOqfZmbozdnPy5W5Bk5Jg_oURZ5Q==

GET
H2 200 14682bb3c63cae512aec.chunk.js
dashboard.sezzle.com/customer/ 0
25 KB 61ms
46ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/14682bb3c63cae512aec.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Tx3blIEaN1jNTRNyGlg2JwMFAgdLBMI5
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:44 GMT
etag: W/"7b5082049447324416162932d5d6dda6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Q9q_IexiLWb0ETYU3gz1Wno7lc-Lw6b2xMrAWTZMu-Bvr5RScVguFg==

GET
H2 200 73d7c6f15610b6829fb9.chunk.js
dashboard.sezzle.com/customer/ 0
9 KB 61ms
45ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/73d7c6f15610b6829fb9.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: tS4gX2b9X5pedNX73b_mnUWC1z9m.mE1
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:52 GMT
etag: W/"50273aac379531a93c7ce3fbf2a5e8b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: M3WhdWPDNfhsVdaYS7DuTRAZ45G4TkspoMQ7BhUGSzvjH-ytrGgPRg==

GET
H2 200 5943a84241d36f5283e3.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 61ms
47ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5943a84241d36f5283e3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: hqlaWGVFmA91i9TPnamsengDs6A3GjNN
content-encoding: gzip
date: Mon, 04 Mar 2024 23:05:37 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 456
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:50 GMT
etag: W/"7afd64d55e756f9f84d4e826f85e332f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ybzWjTQ7aZ17K-4SD3qa9fk47X_W4_ga5k8hHo_7FB131_9emROz3A==

GET
H2 200 dbbca07b740328687038.chunk.js
dashboard.sezzle.com/customer/ 0
9 KB 108ms
93ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dbbca07b740328687038.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: JhLWay2fEtMXoyqYye1fZLXiBSMdzSQf
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"00cc70c8106267308441dc21cca8f5df"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: jB1qXXADSQW7YVZ66en-mMrDltZdKMpweWpL07YbbEbEel6j8CK9Vw==

GET
H2 200 63e0333b9dc0a8e6a695.chunk.js
dashboard.sezzle.com/customer/ 0
7 KB 109ms
95ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/63e0333b9dc0a8e6a695.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Bp7YGLhgr5zWrqV.oesyp_HFe93pEjiZ
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:51 GMT
etag: W/"94b8aa4d5eaeca503d2406a12b27c8b9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: eKrdUP56xv3s0i4aZNi4b2ugjyEqr5dNXqXaasXTXZL8zJdC9-ru6A==

GET
H2 200 ac0d88db9f5860b36dd1.chunk.js
dashboard.sezzle.com/customer/ 0
7 KB 109ms
95ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ac0d88db9f5860b36dd1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 43m0K5FaQ20_ZrM4osI____j3ytzTOmM
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"d9fb646a26ea3f812c8ae33306aa58bf"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: QuRHYPu6EzKZLH2uGJBwQbCnu7wb0x26CdZbmyvmcGxSYvSz61GM1Q==

GET
H2 200 dc3dc215898641ae2e6b.chunk.js
dashboard.sezzle.com/customer/ 0
14 KB 112ms
98ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dc3dc215898641ae2e6b.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Ekqz3hQf7_HAzPX8IXR4XQYhL0IOaxHd
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"81220b05ccc4a4537c7509993826ab93"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: OhVqkwHqyoKrrlN5xMH8LTGVCuwSSqU-F9X0LXBqMjwyXs9S5-d7eA==

GET
H2 200 baaf50b7a8ba1d3080de.chunk.js
dashboard.sezzle.com/customer/ 0
18 KB 108ms
94ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/baaf50b7a8ba1d3080de.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 2.1RnWEs3TferJ0Hq_idC_tN2lHXWHjt
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"6b95795b33ecee667622b8db91f799bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: sEXgOhZOUZ4nKTp8vktNv06vRL0qi7hv9G8uk2ptfrb6gSGbDyE-2g==

GET
H2 200 8811832d6a39201bc198.chunk.js
dashboard.sezzle.com/customer/ 0
11 KB 118ms
105ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8811832d6a39201bc198.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 9JpYQrQFUpNBodD.RGxmuZHopSTG_1c1
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"8532dae589e0062d54722f12788567df"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: GhWrA-mDR96eGu3GvduTvdnt7doG-c67Ts0CWZhE-jZImGQ6k3kYoA==

GET
H2 200 4760ba3062e72a347205.chunk.js
dashboard.sezzle.com/customer/ 0
26 KB 109ms
96ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4760ba3062e72a347205.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: vtgchO8YtPyPKr1hCWTKT3BF16PjtWR2
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:49 GMT
etag: W/"6ab70cdbfde88dd540bfa9ba35d3883b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 8PvI-swTSyjerWUhwNI3y3BIRXVDQfDepQX96xjLxNuoE4TO-KsK2A==

GET
H2 200 4264c93c1d764c35847d.chunk.js
dashboard.sezzle.com/customer/ 0
15 KB 110ms
97ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4264c93c1d764c35847d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: kGxH4wqdMLa1GlMRLybf70U5GyUR51s7
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:48 GMT
etag: W/"946eabe1b83c419aa159e09dee849098"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: vIeXimDRT0LQHfPvv8OhC3O7_EhEwksRAVaiFkEQK6gUBjJwurddlA==

GET
H2 200 9af3ea3a2e52bd2f9436.chunk.js
dashboard.sezzle.com/customer/ 0
17 KB 131ms
118ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9af3ea3a2e52bd2f9436.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: w4ojeYLtLeXNabU6g497hdRrVc9l2wcc
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"fa21e16e6d0ecc8feecd0e90f9aeb1f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: eZAaC6J74-wIPs3QIgu937C4noOgTDlSyAXflbDg33nRcVlOGWn-tA==

GET
H2 200 9e95813fcc803f7dd100.chunk.js
dashboard.sezzle.com/customer/ 0
12 KB 114ms
102ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9e95813fcc803f7dd100.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NoWl8EqmcZCedsgMIFvk26NIhDEJx8_O
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"93da41a7ead7b2c164de7714ef883f32"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: llKbr4LEHXFbEMdHLYKhi9-UEGKo7iI0D0S4KSUJtR28f9xIacBJMg==

GET
H2 200 9fad61294dfc4b014954.chunk.js
dashboard.sezzle.com/customer/ 0
26 KB 110ms
97ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9fad61294dfc4b014954.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 88wE0NMSXKPMJTjaEcnulkdqWcBgqdwG
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:42 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 485
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"c0722330d9de84481cc7fc45b1e7e7af"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: dMirtTqBy0Z3fT4Kkh8QPgMqDkmFLNQPjKgSCiO87t6FiuYjximsYA==

GET
H2 200 0f78ee11190a03ce4b99.chunk.js
dashboard.sezzle.com/customer/ 0
4 KB 110ms
98ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0f78ee11190a03ce4b99.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: lDwx20hLtug6rwN2aQCBEsob_l4GYaVN
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"bc88c4a7c35173e0414d71f029728ce6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Z6jEeRwWXkOnZ4MX7YxSn8a11_oiP6FfUXDNJt_wpxTd880ptmJlqw==

GET
H2 200 0d01b350befed2dee3f1.chunk.js
dashboard.sezzle.com/customer/ 0
25 KB 119ms
107ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0d01b350befed2dee3f1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: pxCCYtX4kAy_jNNV1YnokoZ8poQbcmPN
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"0b0b2ae62cb4b9f72ca5dc04f809b59d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: vzMs0cFQtIhT-IqUYoFIw3egh1vyBAjHGDSTJQDvnqg_TFT8L5_pJA==

GET
H2 200 05da821c9ba3ec0d7c1e.chunk.js
dashboard.sezzle.com/customer/ 0
7 KB 111ms
99ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/05da821c9ba3ec0d7c1e.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NQB5tfXT5xgLmsvoXxXW8iPBxN6ae2QR
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"30e7f7ece348be6938edfe20c6df12f3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: jS7EpZd_iR9n7CAn1Sc9WyLdn8Su1lDu6aenUmAhttldGbkvME_oMQ==

GET
H2 200 42ada3b08d4f6c6a7f37.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 129ms
117ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/42ada3b08d4f6c6a7f37.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: C104Ze6IlBTc6B1352DC0LxPX_JaVm9W
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:48 GMT
etag: W/"7be3163fcfc5f49264bd21cd87ca85f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: NlPc6qBnVtA3xZAh8FSte3WgDkcKwWQNVYPPFn7k7HgbA0PFAT-LMA==

GET
H2 200 8234e2dfceaefe948816.chunk.js
dashboard.sezzle.com/customer/ 0
19 KB 120ms
109ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8234e2dfceaefe948816.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: BYCpzCbjQogrMGt_TMWhuKgxXqfn0r3L
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"9995876740897ca69bdaf3998e18ecfb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: kCABRBtg9eJpfSzgk3gQTYhMsyZWENW2Wh_dtWuHJ9BxTls8Wcwmxw==

GET
H2 200 a097f2bf8c32774866df.chunk.js
dashboard.sezzle.com/customer/ 0
8 KB 112ms
101ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a097f2bf8c32774866df.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Hm4ziPBwC_WshDoAfiQMwUK4ILgHDYn1
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"0582207d101fe45fd5cd1b2f606dd4b4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ulLSo8F78_qepT6O5SkBYdlaUIvgG4oa9e4H328sT6e8hcj70U0v5Q==

GET
H2 200 0ad1d63460eb19a7c5a3.chunk.js
dashboard.sezzle.com/customer/ 0
17 KB 110ms
100ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0ad1d63460eb19a7c5a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: qQEmGVwehDQZIPhfMRMrwUfUSNFmyMmn
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"1306b39bf6d597d45eb91214e2cbc06a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: _BKF9CrlnlxlnOsfLAH2AqU-kM61rldU8jZxkhwbPdUrPpsQIxZCYg==

GET
H2 200 8b3f28626d87a6d8fc98.chunk.js
dashboard.sezzle.com/customer/ 0
13 KB 111ms
101ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8b3f28626d87a6d8fc98.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: RSScFWM2IgJzw_toAmiNymdRJLZyASXt
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"85f7632c57d14cbed4e45301541c446e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: gekMGEkXwK8QhX-u_MaPgnUuvrHyknBIBmY3uWfi11CyfQFoOqykbw==

GET
H2 200 4508149fd282227b8d0f.chunk.js
dashboard.sezzle.com/customer/ 0
7 KB 126ms
116ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4508149fd282227b8d0f.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 0GQbNdb5EZPdKwxpoQUHZCJ9bV31R_U2
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:48 GMT
etag: W/"4c38c79f6cc85bb700ad43683654b0ed"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: wDXfgk7apfjdi-_CqUTfI4V-vWasKb5CymDWtA0j_kYlrawK2icBaw==

GET
H2 200 1e0354ed0e1495a1a3f4.chunk.js
dashboard.sezzle.com/customer/ 0
4 KB 112ms
102ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1e0354ed0e1495a1a3f4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: sHpjhu7Nk9070BZcNTCsqCOjpnpmo7WU
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:45 GMT
etag: W/"521cbe9eac2e45d8de17e554fb840410"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: husDsDBsuP_E4E4dBp0jHsf1jPbwC66DSY-MjIs8FhIG5CECmO1HnQ==

GET
H2 200 a98d1424cac4789c93a2.chunk.js
dashboard.sezzle.com/customer/ 0
29 KB 110ms
100ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a98d1424cac4789c93a2.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NKMHD8kIJsp6MVuW.DNARqHjQwR5rENU
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"3c5fa4a65b1a4a1c4d5275a90f9d972b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: AWms-9W-8UKqBffMks7KfwBP88kvUylImaA6yqcIi76W4a3NNjoSrw==

GET
H2 200 824d6f85b144437f289b.chunk.js
dashboard.sezzle.com/customer/ 0
18 KB 116ms
107ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/824d6f85b144437f289b.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8AMj5t7iClMC4oB_6dFaAFCLoSP.Sl_F
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"b621189e6dfce4848c84529df0509792"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: MG_8l01nXThAd91GLIubJy3_4aJvmDke31U_yh_MgA_-nm0NpYY57g==

GET
H2 200 14be24bccbc068111182.chunk.js
dashboard.sezzle.com/customer/ 0
13 KB 117ms
108ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/14be24bccbc068111182.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: BBJ8wKpHU_D8N3lWL0kq6YwuakLI1tHg
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:31 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 750
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:44 GMT
etag: W/"5afb904b35314e1b0f4d5778a589feca"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: G0IkRe4ThtdUgj-oFAIUX8LHeMFyjSopoRhf4pvVT_UTCGVvcCJVKQ==

GET
H2 200 970c3dcf7315ee0e2a22.chunk.js
dashboard.sezzle.com/customer/ 0
10 KB 122ms
113ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/970c3dcf7315ee0e2a22.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: i_3GoGRQtfV1rIsSxieFgU_jqqdQx8ky
content-encoding: gzip
date: Mon, 04 Mar 2024 23:00:02 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 750
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"88432e50ac1596330fcad541848c00c7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 70UfubL1crP2HTeRfy-8JTW0PzrPYhbqQtGvbQlnmAOJSyvB-EEJiA==

GET
H2 200 3ea20e0fa8f0ae630bff.chunk.js
dashboard.sezzle.com/customer/ 0
19 KB 113ms
104ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3ea20e0fa8f0ae630bff.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: seXX_ACI2SqFlGpuDeKxfeDKzVir45.j
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"e37ff82f842745e5594d275ad1283b1e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: fk0PnMFuQxEs98UbQI2aftQI-d2Lgj7k2OUB0gvFoi3OsNS2doigvg==

GET
H2 200 212d8e432ea1d502d8a3.chunk.js
dashboard.sezzle.com/customer/ 0
14 KB 123ms
114ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/212d8e432ea1d502d8a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: OmtCRhjchHp9W4g6xJDTysv3hD39uRnt
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:45 GMT
etag: W/"ade10e96d1a6167e9f74b18ab2d1c712"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: qmLoegwIZKBcWtT8FWbOQpkNdwksS0QlOiA2Cg1nwlrhsfvRhQxZMQ==

GET
H2 200 d3e0b27b541a88b56439.chunk.js
dashboard.sezzle.com/customer/ 0
21 KB 125ms
117ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d3e0b27b541a88b56439.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Av1FAuiAUpR2tZBHTHtoY5xCwpBSGnkY
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"7bb185181a0a366cd5aa4141556f4fb2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: zvXoO-wozQhCsa9urbqKAiBv23rvfZ5qy58J36oteISmmJ-80uLzhQ==

GET
H2 200 95752ac49145b73483d1.chunk.js
dashboard.sezzle.com/customer/ 0
16 KB 117ms
109ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/95752ac49145b73483d1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 9H3cj9RFDKobnsOXgEP2zUjwbJkdHGNj
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"1b9380fc11cfc57a14c8d27b5a8ca2bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: H-b6t_3X37XFflQbPuQz3aKdnEl2je7cY-qNNVxbUDHW-dcmdIkiKw==

GET
H2 200 2ab49f425c4ecbd2def0.chunk.js
dashboard.sezzle.com/customer/ 0
6 KB 113ms
105ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/2ab49f425c4ecbd2def0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: z2LydNr6MlUPScg9cgY5UoXTMuemZHcj
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:46 GMT
etag: W/"f8a4b3b559a9331ae0e8672086d97d6e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: pY1UkdvjGPHmG_kZWasbb5VP42lRVn0JosnXedP92MWtnWEKlGrqTg==

GET
H2 200 4aa5798b018517a651a0.chunk.js
dashboard.sezzle.com/customer/ 0
10 KB 145ms
138ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4aa5798b018517a651a0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: CBCVDdWzo2wE752055PV_tCdzuj4fBuI
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:49 GMT
etag: W/"48c14417179070d1f40bb8eb39857b45"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Guiy9vN1LtCG1_5U41OwTl2Noka_lXN85Vg3buXYZehVB2eWpyEu3A==

GET
H2 200 3f4aba9f5964d1741939.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 144ms
137ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3f4aba9f5964d1741939.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: TCZrJWyqfu7.QZ1vs9Kb_HQuXn4cdR6f
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"852f1eef526d5fedc826fc035b3be58e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: mL1mM5Jdmg0OX0CDQu0XnSJNMLxIMtlxz0ir56QWgabEVUMnwroSXg==

GET
H2 200 e59c6fe11a33b04e5de4.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 122ms
115ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e59c6fe11a33b04e5de4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: je8cvYEpIEMhquUHnu7zGL6QQtK2nmM1
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:59 GMT
etag: W/"840bb8ebd19dea484d2958c0794a6680"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 4sOBwBP5F_nxZ0mEQ6lcmC1NEbMYzF9UKC-IyRML-i5Z-Ro1lWEQCg==

GET
H2 200 4a0ba63f290972189691.chunk.js
dashboard.sezzle.com/customer/ 0
11 KB 111ms
104ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4a0ba63f290972189691.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: lqstLEJQAaPgqviswpynovkrV1EWSjlB
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:49 GMT
etag: W/"2e79e8d8953e45a1a4715699a89c5f67"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: MlVVuyX-9fXJdzRL9191S0qa2vFMqFfurJUphzSCX1VPUYIItLNblg==

GET
H2 200 6e31ce2f1fc37086bb29.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 145ms
139ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6e31ce2f1fc37086bb29.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Djlv3to_rFF.BN2Wf2FVe.iBJjPd6xRL
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 31
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:52 GMT
etag: W/"9730e1c8997c033ac7f896d4af7c7b7a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: -zldAzF4_gtKYJ5Ja_0bYhcCCbUZ4qU6YYrUCfjmdwVy5XJNDNzx8Q==

GET
H2 200 c5b620c163f3b359d753.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 145ms
139ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/c5b620c163f3b359d753.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: xVhiCoP20kW_3EHNsgQq0_9O4Qb2VMSB
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:42 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 485
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"7e744e4fd8e8742c31957d5d10e6bb92"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: gIMQDaBDZJrNoU-kBzCJOnQVJNnKerC9PDTkiLl4X-Cmihzsg80DCQ==

GET
H2 200 b508ebff5126e8474986.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 121ms
115ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b508ebff5126e8474986.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: C7offsHQ15vJOwidF4SEdkxMjwNe1DBt
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:42 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"0f404629773d7dfbc53cb32d8be36160"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: YOvpcjpJ3TquQpy3ZrQAyAvuFWUkPkH31R_uvZ0h-AFVKR2H47autQ==

GET
H2 200 95d58c447de1b1125092.chunk.js
dashboard.sezzle.com/customer/ 0
3 KB 122ms
116ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/95d58c447de1b1125092.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: RF0XIDEtQiDBR6BdefMb5FedIeGcb4S0
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"fbbdf2f0584153948c482292cb788672"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: rNXDpCXnGMwTqXLyze7bmBxXmCVbsdcjolkyhev84zhstNS68bf21g==

GET
H2 200 94376e38e631783ec8d6.chunk.js
dashboard.sezzle.com/customer/ 0
4 KB 116ms
111ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/94376e38e631783ec8d6.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 0zfOvoalffm5Gu93cvqwcPyibzJiTnl1
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 31
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"e5000863dc7f1cb73321a067312ddbe1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: b-rpbLP_k06FGSzHDRmOsGg0YnW5n1nOKNpmxaxDFSixF9OJewUQ5A==

GET
H2 200 8e0a43f0256a3165a631.chunk.js
dashboard.sezzle.com/customer/ 0
13 KB 124ms
118ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8e0a43f0256a3165a631.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8htcNlTOuL7JWTvs4MkKHM.fx9HkUyaj
content-encoding: gzip
date: Mon, 04 Mar 2024 23:00:02 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 750
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"e0ad4fc8f23377c5c613327173c47c2c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: LnN_-VlqPo001riFNY_gLvVA1MUSChIVW1tULZVQ5VoGJ7PLNFoWEw==

GET
H2 200 ac57f8f9067d4879c0f1.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 109ms
103ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ac57f8f9067d4879c0f1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: J9fi.cTYYN2z82kYLChT0Bo2PTCwKUu5
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"629390b82dfe140f74da9e6e1f95a8e5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: EOWOkS5tfu1Iuh8MweT5I-q1D2eZNXgh5fK9REoV1acuFH09l0nhZw==

GET
H2 200 27fb5d991e982837bbb5.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 111ms
106ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/27fb5d991e982837bbb5.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: vKV7uaNwLHadECpseAn8jVoi_KCNB7K3
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 32
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:46 GMT
etag: W/"7b955c222395f234a9f383c12f22e377"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: QVk6aERnddmeKZkq1JLK7LBPcmzkMAD-gONs7iA7HoFkmn3YmYR7zA==

GET
H2 200 a9d6d3a56f7a41a1ba30.chunk.js
dashboard.sezzle.com/customer/ 0
22 KB 115ms
110ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a9d6d3a56f7a41a1ba30.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: aNgyOjAezw.U6R_NiNIY4dggmpljONui
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"adb74a39527c2a35c5805f63d11a9499"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: mRDLrOSymQ4fLCf5NkKvPq0UsWsGYJrhISGL2OJx5aNJwjx1Ou-7tw==

GET
H2 200 7a6fdb1ce14b04b2cb7d.chunk.js
dashboard.sezzle.com/customer/ 0
46 KB 118ms
114ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7a6fdb1ce14b04b2cb7d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: iQq2vAlpLn1EFGqZC3Afe6jaXvXdKrrZ
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 31
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:53 GMT
etag: W/"d35a2136a1450561976965fd1330dcd8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: IQdNp22YxzEZTbXtYuxv7eH8NVldmEGCwmrZ2EMPtZa66cBmdQNZNw==

GET
H2 200 e09d48e2409b9f29e8d0.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 116ms
111ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e09d48e2409b9f29e8d0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: fs7dPS.fnFrgP7Ta9iz5Nrb0E_h8VcKA
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:32 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 108
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"38eb356959ca661dfef9bc930c6e10e7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: qDw2EIuR8fOY0uAQlAPEN2JE_IP0FJ9C3GtSZBPhB9JzsvnwgWIZSQ==

GET
H2 200 a45c59dc5ba886671582.chunk.js
dashboard.sezzle.com/customer/ 0
24 KB 112ms
108ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a45c59dc5ba886671582.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Rp1UxVP.LoEwZveGh7SMxK2f3wK3pu31
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 31
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"8fb1fea3a59a8c77a58813efb51699dc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: JuKQRkBSp6Blo_4bW3WsjEBIWARUATd6AE66TJbMx-0DSXTI6z-b0A==

GET
H2 200 d06a69625cde48cfb5ea.chunk.js
dashboard.sezzle.com/customer/ 0
13 KB 115ms
112ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d06a69625cde48cfb5ea.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8y4.x6NoSTj7W7GaiU7ENsfHFyrdTxT1
content-encoding: gzip
date: Mon, 04 Mar 2024 23:01:49 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 611
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"8331bcefbb87bd895dc3d8e2ac202d8e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: KqzPLcBjSUHxYc8pWyzdenOSUJnUxLPt4ACdZsx8jQu19-CYWDNsJQ==

GET
H2 200 d768bc1f0d63296450f4.chunk.js
dashboard.sezzle.com/customer/ 0
9 KB 113ms
110ms Other
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d768bc1f0d63296450f4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 6h0NctG1doJ7WCyaea.6E6ydicjKjDdk
content-encoding: gzip
date: Mon, 04 Mar 2024 23:09:20 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 160
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"1d465b3e065987c507135a1f75fdada3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: S_qt1S2Up2EemeDnFVr0Z34PJhTnErdDg7_2hVLORSnRYtXIS9Ka9w==

GET
H2 200 d5f5e6f325231033d4cc.chunk.js Show response
dashboard.sezzle.com/customer/ 3 KB
4 KB 107ms
103ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d5f5e6f325231033d4cc.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

dd225ce43e913b2f7422fc6ce4724067a3247440726cfaaab497776241883374

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: pXATZFhADyDt88xKJC3v1qjyUI3SlG0W
content-encoding: gzip
date: Mon, 04 Mar 2024 23:08:36 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 185
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"fee56067ea57ca1eb89bc5c82204636b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Sa0oPNNXn9UoPzwFxAzDPjkaE6EI2MFBED2bSRdt4dWErhATfb-iWA==

GET
H2 200 bf.html Show response
api.sezzle.com/v1/accertify/browser/beacon/bf/ Frame 5EBE 6 KB
3 KB 286ms
286ms Document
text/html 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/beacon/bf/bf.html?v=202302_01

Requested by

Host: api.sezzle.com
URL: https://api.sezzle.com/v1/accertify/browser/client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

f0e5640d66c44d407d5bde1f0e1808297aaff94c64946183ee081b4c77dd65ce

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://dashboard.sezzle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=600, must-revalidate, public, proxy-revalidate, s-maxage=3600
content-encoding: gzip
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
content-type: text/html
date: Mon, 04 Mar 2024 23:11:41 GMT
last-modified: Wed, 15 Feb 2023 22:01:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: accept-encoding
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront)
x-amz-cf-id: kK40RXKcPZtDZ6yi5EBU3Lcow3pv7fv34UZIq9ynQDbt0ZTgPYZf9A==
x-amz-cf-pop: HIO50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

GET
H2 200 cc.js Show response
api.sezzle.com/v1/accertify/browser/ 39 KB
18 KB 297ms
296ms Script
application/javascript 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/cc.js?sid=beee383f61fe5c6f&ts=1709593901073&namespace=advc

Requested by

Host: api.sezzle.com
URL: https://api.sezzle.com/v1/accertify/browser/client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

d54157f358f32ebfa9ca106e9404970fc991c35895a47eb1ba188e6e707bd518

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:41 GMT
via: 1.1 23902d8ef9680db023f27a4c4f37e390.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-amz-cf-pop: HIO50-C2
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block;
pragma: no-cache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
x-ia-request-id: 8b43455ddbc93464c5541ad952f85f86
x-amz-cf-id: v6V2z4DdMwDe6-jgI1AF7VvgaG0_8PNbL5DUbzO68K71oYuM7SgYZQ==

POST
H2 204 et
api.sezzle.com/v1/accertify/browser/beacon/ 0
1 KB 111ms
110ms Ping
text/plain 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/beacon/et?c=gLaZegefMpAvkrns_6KD2oLP8FU&t=0a6a5002fe1f4b7efe89e9332b1306c651be

Requested by

Host: api.sezzle.com
URL: https://api.sezzle.com/v1/accertify/browser/client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 04 Mar 2024 23:11:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-amz-cf-pop: HIO50-C1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block;
pragma: no-cache
vary: Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com, *
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: TmNVucn11yK1jeyEMuk4vNGONPjLXr3AR5kNL5-NFH1BCScFzagpbw==
expires: 0

GET
H2 200 6ffb02663b0ab45e554e.chunk.js Show response
dashboard.sezzle.com/customer/ 62 KB
18 KB 55ms
38ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6ffb02663b0ab45e554e.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

07d91c3b213fdc870c999e1a1ff7da36f7099c3f5fe8834e3da35b98745815c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: LBStxJgfX33NrJqlpXmtKIDJu1Qxdqi9
content-encoding: gzip
date: Mon, 04 Mar 2024 23:05:33 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 456
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:52 GMT
etag: W/"340ed1741698d719526f81db9335c2e9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: uhO_lKutvMEECdVdujslMHwQUpO6btmtH52ndODWe1PYURg3OlypBw==

GET
H2 200 09bd04621566e437c5b7.chunk.js Show response
dashboard.sezzle.com/customer/ 35 KB
11 KB 56ms
39ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/09bd04621566e437c5b7.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a26b69e07e5e11221c8344c7aae174133d215215ad38606295cf9d625814c481

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 6Ai7BqLh0OSSGYp2qk9A8GAnmued46P2
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:41 GMT
etag: W/"50a6eb86496526612b947faca7a3676b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: eWk20ePJ-s1FCOvtSGTpkttsQtuSCO-4eWtEmfZPZx3uzCvVKSVm6A==

GET
H2 200 dacde12873e6ff9ae37d.chunk.js Show response
dashboard.sezzle.com/customer/ 10 KB
4 KB 57ms
40ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dacde12873e6ff9ae37d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8ad0d32aa95f856cef9025c23bdff5f5989e534d1c8931cea5e48f82ec7812d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Sk7kKmrqoE4sLXTJ2AtZfMyFMaQ7UmrI
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"d57be1c73d725f7a218e92752420818c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: M_IGqlZNtDMovOUwuaRdtSEv0HQXLzlGDx00CpGFRY4Z9TQWqX7rGQ==

GET
H2 200 fa3ed811783641bef592.chunk.js Show response
dashboard.sezzle.com/customer/ 24 KB
11 KB 74ms
57ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/fa3ed811783641bef592.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cd21636eecb718271e0bfcc0c6c0c63904cd1adea7966713d5d6ae3fee2c99aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: AAfpvhhBfiZ92Z.EZ_zwGDdUzJuD2O1I
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:59 GMT
etag: W/"5a63830aff49825265e22495b363520f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: fC_wYH83zaZ6gBgNSetAZqtQujH0fdHdofYKlMJdE_ON9IIbzErFUw==

GET
H2 200 af0aa6add0b350681528.chunk.js Show response
dashboard.sezzle.com/customer/ 82 KB
24 KB 57ms
41ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/af0aa6add0b350681528.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

27ed6b06e0cda97d22cbb69ca97150d55f1471e37bc8ef676eec12085b1eeadf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: MSRnwVn6fYJyPh9qA323TSw0jI31b6Ng
content-encoding: gzip
date: Mon, 04 Mar 2024 23:08:36 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 456
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"679b9f3f30fc7f3f53d4ee3a36c0e99d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 1M9xNeelu_6BkXtj7sg20H9Hz1N7ZSicjxO2v_DMImb2nqFDgsBSZg==

GET
H2 200 0c2dca37325d4db72119.chunk.js Show response
dashboard.sezzle.com/customer/ 28 KB
12 KB 60ms
44ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0c2dca37325d4db72119.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d9d56505a77ca07e02c200a48794653355e4af338f226fb63ec74fbd2bb97301

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Kf0gUX_X2u_R2L7yIYUIEh.O3vOjFrvJ
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"2b4805e641269469a8ce971c236c3fe4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 1FsPQRVPwes1tBI5NlVBEf2_AgnwUcs1RGKvNew9wvS50k-y0Wdx8w==

GET
H2 200 7fe40c09ac89fcc85e36.chunk.js Show response
dashboard.sezzle.com/customer/ 66 KB
18 KB 58ms
42ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7fe40c09ac89fcc85e36.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

87edf9a6f6a7fa420f950f88deea97be968484bbf0816a761a8abc4745ea0e61

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: whPjkdgLxZZCCiP4KyC2maLBC8L8O63W
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:53 GMT
etag: W/"99c130fea2e602895e7303d827b37c7d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: SsLaTcIGsg9LDleKAod4wb9m90u6pU6DilCCD0MJCC2dMsBrakmjOA==

GET
H2 200 14682bb3c63cae512aec.chunk.js Show response
dashboard.sezzle.com/customer/ 98 KB
25 KB 61ms
45ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/14682bb3c63cae512aec.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

68f77d9099488ee3f6a627e16f33e6180039b6ddc9e6726e1c90d7b5f6a89727

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Tx3blIEaN1jNTRNyGlg2JwMFAgdLBMI5
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:44 GMT
etag: W/"7b5082049447324416162932d5d6dda6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: cPWR4Qa30P2F7YXrDRZY1tuU-yLcccEzIRSB7xOnrJVStkOfXtv1aw==

GET
H2 200 73d7c6f15610b6829fb9.chunk.js Show response
dashboard.sezzle.com/customer/ 31 KB
9 KB 64ms
48ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/73d7c6f15610b6829fb9.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8de562b8134efb6c85c9279284b0646a41ad86a85c24adb60a1a124cd3fee817

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: tS4gX2b9X5pedNX73b_mnUWC1z9m.mE1
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:52 GMT
etag: W/"50273aac379531a93c7ce3fbf2a5e8b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: kdBP2tLmzqW7kkKrz1vZ9jl4Id1ndGT0ngheaBAY2CMHaB1k76QS_A==

GET
H2 200 5943a84241d36f5283e3.chunk.js Show response
dashboard.sezzle.com/customer/ 8 KB
5 KB 62ms
46ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5943a84241d36f5283e3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

80080ae17ff6ba3e611117777b04fdbf6ab92724cd06e39ce2992c5d3f2fad8e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: hqlaWGVFmA91i9TPnamsengDs6A3GjNN
content-encoding: gzip
date: Mon, 04 Mar 2024 23:05:37 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 456
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:50 GMT
etag: W/"7afd64d55e756f9f84d4e826f85e332f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 0_I-5jwtERFQ-8Oaquh1GOQtD7As8CJ-OQrKUXa4KdNXHhBSGoyHxQ==

GET
H2 200 dbbca07b740328687038.chunk.js Show response
dashboard.sezzle.com/customer/ 29 KB
9 KB 72ms
56ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dbbca07b740328687038.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

79950339dfc483abfcf10045c47ec407b588491a997be78515a7bcc6e8969994

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: JhLWay2fEtMXoyqYye1fZLXiBSMdzSQf
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"00cc70c8106267308441dc21cca8f5df"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: EzIYUT-GxmSuKJK2qZeXB7i5rmEC8XPAg1SPlW6sqCtRJLq-nw0B6A==

GET
H2 200 63e0333b9dc0a8e6a695.chunk.js Show response
dashboard.sezzle.com/customer/ 13 KB
7 KB 63ms
47ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/63e0333b9dc0a8e6a695.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

896ef30554316fc11a17a5b7a1cf6b51b35ea78ee16caa14908f3738069a5e27

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Bp7YGLhgr5zWrqV.oesyp_HFe93pEjiZ
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:51 GMT
etag: W/"94b8aa4d5eaeca503d2406a12b27c8b9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: a1LDKx1O8Az_vhms_od_xWPUO97tSe_wZxVtVQ0HYw_fsNeWoymKOw==

GET
H2 200 ac0d88db9f5860b36dd1.chunk.js Show response
dashboard.sezzle.com/customer/ 15 KB
7 KB 73ms
58ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ac0d88db9f5860b36dd1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

93119dcb47164a2ee44504fdc8fb5f7c1008fbf6bbe8d9391766f00a553e3dbc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 43m0K5FaQ20_ZrM4osI____j3ytzTOmM
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"d9fb646a26ea3f812c8ae33306aa58bf"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: M3rFrG3kFi0otjVl5jF5eUk1_R72oYJaFqSlcjEjXNwgpISdyWhJCg==

GET
H2 200 dc3dc215898641ae2e6b.chunk.js Show response
dashboard.sezzle.com/customer/ 45 KB
14 KB 68ms
53ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dc3dc215898641ae2e6b.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

13a4965268e155d384d61a2dfd9f3103e4f8d16f278a3995182582888fa9442f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Ekqz3hQf7_HAzPX8IXR4XQYhL0IOaxHd
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"81220b05ccc4a4537c7509993826ab93"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: aFt40VIdG13mrbkkG-bne-HfNZPza40M5H30CRR6CbWoIYdIU5imyQ==

GET
H2 200 baaf50b7a8ba1d3080de.chunk.js Show response
dashboard.sezzle.com/customer/ 70 KB
18 KB 76ms
62ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/baaf50b7a8ba1d3080de.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b61adc5bab4dab58be639408d13602428f5a0fb47389abec2763bf89953c7f11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 2.1RnWEs3TferJ0Hq_idC_tN2lHXWHjt
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"6b95795b33ecee667622b8db91f799bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: -1c7WZf5XseyYH5nchNBEy4fLn2ugqxuMLQliL41fZtx40e_aPNxNw==

GET
H2 200 8811832d6a39201bc198.chunk.js Show response
dashboard.sezzle.com/customer/ 34 KB
11 KB 63ms
49ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8811832d6a39201bc198.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

473c4125036bc972f2b7bb44ba1c2e60d33d833e65a5df955c42986605433e11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 9JpYQrQFUpNBodD.RGxmuZHopSTG_1c1
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"8532dae589e0062d54722f12788567df"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: rzyudFDt_LYg-ZtLZ3XscImq-Z5V01ZXOzJ8kl57jRjxZp0qiUuGfA==

GET
H2 200 4760ba3062e72a347205.chunk.js Show response
dashboard.sezzle.com/customer/ 83 KB
26 KB 63ms
50ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4760ba3062e72a347205.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0af30bed965fb5937a986433a2bb22744df26f072898c2b5bd49a8cb916b2478

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: vtgchO8YtPyPKr1hCWTKT3BF16PjtWR2
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:49 GMT
etag: W/"6ab70cdbfde88dd540bfa9ba35d3883b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: dVRHRRGRuk8BmQTPl9j0eRaHjvzAniiKfVydjsH-sgc67D74M8oUmw==

GET
H2 200 4264c93c1d764c35847d.chunk.js Show response
dashboard.sezzle.com/customer/ 55 KB
15 KB 64ms
51ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4264c93c1d764c35847d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

12a62e57b0cd57becab5d7492e33f8d8a82598b59f025b9b68266ef11cec6f97

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: kGxH4wqdMLa1GlMRLybf70U5GyUR51s7
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:48 GMT
etag: W/"946eabe1b83c419aa159e09dee849098"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: FdXzdPA6Bfwg89ZfLJr-ivbm724LZd6jnw8MFB2VV2UfIBAvdzxSFQ==

GET
H2 200 9af3ea3a2e52bd2f9436.chunk.js Show response
dashboard.sezzle.com/customer/ 61 KB
17 KB 65ms
52ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9af3ea3a2e52bd2f9436.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b4bc9b9959b6e88fae373fb381b1e80cc2e59189a828e40ccc9d2e2372e768ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: w4ojeYLtLeXNabU6g497hdRrVc9l2wcc
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"fa21e16e6d0ecc8feecd0e90f9aeb1f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: fZpXPnzVE1cbP8kpHrSYsIfyhyGArBDOjXWkKFw5qh4H76hJIXsb7Q==

GET
H2 200 9e95813fcc803f7dd100.chunk.js Show response
dashboard.sezzle.com/customer/ 34 KB
12 KB 73ms
60ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9e95813fcc803f7dd100.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0cea976a98f3aef8dea3aeb95cba0fb55975d754ba9fa137ef0df4bb4a8abd16

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NoWl8EqmcZCedsgMIFvk26NIhDEJx8_O
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"93da41a7ead7b2c164de7714ef883f32"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 6pzrbVMCyDlxsesA2ZwIEeiy2-4-CU3rIU8hJI1h8xc_sdTMNejLYg==

GET
H2 200 9fad61294dfc4b014954.chunk.js Show response
dashboard.sezzle.com/customer/ 125 KB
26 KB 71ms
59ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9fad61294dfc4b014954.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5c7b2daccaa86ff27c8f6cf5f9065e7ea889bf81974788d33ae7f374e76af5fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 88wE0NMSXKPMJTjaEcnulkdqWcBgqdwG
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:42 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 485
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"c0722330d9de84481cc7fc45b1e7e7af"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 0DLs3AaeJn-xBI9h8zXWbIvV3aIn_RLkbsHFx4G8NVDjaWNAKiS_Dg==

GET
H2 200 0f78ee11190a03ce4b99.chunk.js Show response
dashboard.sezzle.com/customer/ 7 KB
4 KB 68ms
55ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0f78ee11190a03ce4b99.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

02acb3a931a490a38b431acac3b5142d9a4cb329f56a1e8cbf958ea343f9d710

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: lDwx20hLtug6rwN2aQCBEsob_l4GYaVN
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"bc88c4a7c35173e0414d71f029728ce6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Sa09UoKyPJWcxpR4t2054EhzS8yQbym-utOOdSL8ytRJBZme6L4STA==

GET
H2 200 0d01b350befed2dee3f1.chunk.js Show response
dashboard.sezzle.com/customer/ 80 KB
25 KB 72ms
59ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0d01b350befed2dee3f1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3dec5801deb5afcfbba10143e916dbe8dc3ab43cfd66b5959b3438bff79b362e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: pxCCYtX4kAy_jNNV1YnokoZ8poQbcmPN
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"0b0b2ae62cb4b9f72ca5dc04f809b59d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: uEBVqeWGshAZrpTy20lhj5vAgu82sQAWmL2FlZxnKTHhCjm4JDcbeQ==

GET
H2 200 05da821c9ba3ec0d7c1e.chunk.js Show response
dashboard.sezzle.com/customer/ 18 KB
7 KB 66ms
54ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/05da821c9ba3ec0d7c1e.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2e9fdf41e927632e9a3e0ed78fc3d2f738985588dedf5100a451a37cbc79427f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NQB5tfXT5xgLmsvoXxXW8iPBxN6ae2QR
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"30e7f7ece348be6938edfe20c6df12f3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: n8LYXImrkzqifBPiwGI21FE9cixuBfCOp3nF2JbtFFO_NTiKpueZTQ==

GET
H2 200 42ada3b08d4f6c6a7f37.chunk.js Show response
dashboard.sezzle.com/customer/ 10 KB
5 KB 88ms
76ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/42ada3b08d4f6c6a7f37.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

71816d19f3c78f7daf80b4896a0338a8568e76e3bc4efd7e67256cc1abf8fedb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: C104Ze6IlBTc6B1352DC0LxPX_JaVm9W
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:48 GMT
etag: W/"7be3163fcfc5f49264bd21cd87ca85f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: kkB4vQZUx3bLNo6LpXwzlfFgCh9Z70nUCPRQTBbFEBrgjb4gaK9UPg==

GET
H2 200 8234e2dfceaefe948816.chunk.js Show response
dashboard.sezzle.com/customer/ 60 KB
19 KB 89ms
77ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8234e2dfceaefe948816.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

49ea5f70b0d2a274bc5c16aa28860db756a41ae130db094219553e1202c49461

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: BYCpzCbjQogrMGt_TMWhuKgxXqfn0r3L
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"9995876740897ca69bdaf3998e18ecfb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: _HLkpdlZ7__vl56MQmoQOc4aJ61XKY1LXQAWiND-cEjY0b5RWFq4BQ==

GET
H2 200 a097f2bf8c32774866df.chunk.js Show response
dashboard.sezzle.com/customer/ 22 KB
8 KB 90ms
78ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a097f2bf8c32774866df.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e79f7087c53ff40bc1a8f34f441ef05a89ae2d1934d7c869de6062c9a09c41b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Hm4ziPBwC_WshDoAfiQMwUK4ILgHDYn1
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"0582207d101fe45fd5cd1b2f606dd4b4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: qAl1oL9XGhMk-oEmuGJltONOolk_r1qkw6lqaP9PY1Ik_cdfqHezEw==

GET
H2 200 0ad1d63460eb19a7c5a3.chunk.js Show response
dashboard.sezzle.com/customer/ 54 KB
17 KB 90ms
79ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0ad1d63460eb19a7c5a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6ade13e50ff336593cdc7ec2833222c9cbbb0277d5ad527f46d55eb4b69b379e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: qQEmGVwehDQZIPhfMRMrwUfUSNFmyMmn
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"1306b39bf6d597d45eb91214e2cbc06a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Ehqg7TZNAxDwB47Pph2IiaJguJBohl4XptsHQIvfFZiAteZVrTabRA==

GET
H2 200 8b3f28626d87a6d8fc98.chunk.js Show response
dashboard.sezzle.com/customer/ 40 KB
13 KB 91ms
80ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8b3f28626d87a6d8fc98.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a2ff4f71b15a913185bb1d68d27207208e1b702db5280a9c2ea61b3fc3ec0a0c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: RSScFWM2IgJzw_toAmiNymdRJLZyASXt
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"85f7632c57d14cbed4e45301541c446e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: UBR4IcdoGFH2Ln_ZJ7wHYMwFubvCUgDqtnptcc0NJYiJ8vHdIBvw7A==

GET
H2 200 4508149fd282227b8d0f.chunk.js Show response
dashboard.sezzle.com/customer/ 14 KB
7 KB 113ms
102ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4508149fd282227b8d0f.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

06abef871ccd877aa811df66b404dc3b03b6190eeaedc9fbea871bc76c8ca708

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 0GQbNdb5EZPdKwxpoQUHZCJ9bV31R_U2
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:48 GMT
etag: W/"4c38c79f6cc85bb700ad43683654b0ed"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: yaCRt6Pk8nRhWZwHLZP0rG9TPbtFTIBNHH42KENDIqnVKT2shwvh1w==

GET
H2 200 1e0354ed0e1495a1a3f4.chunk.js Show response
dashboard.sezzle.com/customer/ 10 KB
4 KB 92ms
81ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1e0354ed0e1495a1a3f4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e442c5058403b935e24972da32cde71cd51c6c28b7d1f8d2e178cbe60b1461ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: sHpjhu7Nk9070BZcNTCsqCOjpnpmo7WU
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:45 GMT
etag: W/"521cbe9eac2e45d8de17e554fb840410"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: sHCQLOD3O1m5000yyaxyaGxMluaRnFc8y253iEGBSdfQJARPG0ZJDQ==

GET
H2 200 a98d1424cac4789c93a2.chunk.js Show response
dashboard.sezzle.com/customer/ 87 KB
29 KB 96ms
86ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a98d1424cac4789c93a2.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

717112af25d13661b3aa7c132f2808df5b79927791276649129fb557d4b299c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NKMHD8kIJsp6MVuW.DNARqHjQwR5rENU
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"3c5fa4a65b1a4a1c4d5275a90f9d972b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: WBOV1VyAtwpicyMHPyE-O2OMWvHZc5dwameb7N-pS123bJEz7t7xpQ==

GET
H2 200 824d6f85b144437f289b.chunk.js Show response
dashboard.sezzle.com/customer/ 72 KB
18 KB 93ms
83ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/824d6f85b144437f289b.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

64e789592ed9a2fd71609499e021582a41e5a2c10544ff3f40c55e0ce3f846ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8AMj5t7iClMC4oB_6dFaAFCLoSP.Sl_F
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"b621189e6dfce4848c84529df0509792"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: vApLPiojem1UpoZlxkEA2tY6fppRXvq-iuzsKFWyEaCwEnezxLv0yw==

GET
H2 200 3c36f12b1acc880cd44d.chunk.js Show response
dashboard.sezzle.com/customer/ 13 KB
8 KB 124ms
114ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3c36f12b1acc880cd44d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f4364d871ffc6e52544e17eaf37eded3c321c62179acaabb65d1d3097782aab9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: X4kWn_wYq65USZQoNMA2R1EChEEIuZM2
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 627
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"953e37bdb81aae15964dc7cd7ef7a2a1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 4siYAakBg_O_6wpiO_FclYqH35GV9000gJIL8tgSV8lRzQd05Jaa2A==

GET
H2 200 14be24bccbc068111182.chunk.js Show response
dashboard.sezzle.com/customer/ 24 KB
13 KB 92ms
82ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/14be24bccbc068111182.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f58521a3ba5107dc421bb5750e85070c60ff87a9c32cb071c0d5a6ee0361ed4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: BBJ8wKpHU_D8N3lWL0kq6YwuakLI1tHg
content-encoding: gzip
date: Mon, 04 Mar 2024 22:59:31 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 750
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:44 GMT
etag: W/"5afb904b35314e1b0f4d5778a589feca"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: j1ijZNdYg-YiIZLYq4KUyrmQ-WI8d9wsnJuHThkT43ka54mpaHIj7g==

GET
H2 200 970c3dcf7315ee0e2a22.chunk.js Show response
dashboard.sezzle.com/customer/ 20 KB
10 KB 93ms
84ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/970c3dcf7315ee0e2a22.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bc48cf66d534f098289d0c917acc8dd370a84107e8e96f980359e86a9fe0b9a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: i_3GoGRQtfV1rIsSxieFgU_jqqdQx8ky
content-encoding: gzip
date: Mon, 04 Mar 2024 23:00:02 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 750
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"88432e50ac1596330fcad541848c00c7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 7rTX7sUfDUPeBFB5kCbMEQ4dJ-CJllCWiL3Si24lRhZRT45ZfdyhEw==

GET
H2 200 3ea20e0fa8f0ae630bff.chunk.js Show response
dashboard.sezzle.com/customer/ 56 KB
19 KB 112ms
103ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3ea20e0fa8f0ae630bff.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d30dd14334b5505abd75350941f566443edda40a1ace1face82891cf74d6497d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: seXX_ACI2SqFlGpuDeKxfeDKzVir45.j
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"e37ff82f842745e5594d275ad1283b1e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: t9Z8t_O-tIl4zngZNJVyM5U8wvqTuCqBQ3v_qb684ckECoL2hwcStQ==

GET
H2 200 212d8e432ea1d502d8a3.chunk.js Show response
dashboard.sezzle.com/customer/ 32 KB
14 KB 99ms
90ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/212d8e432ea1d502d8a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

88d624045b77412faf535f751566e042c499c55e5530b50e1416ee3978c02b52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: OmtCRhjchHp9W4g6xJDTysv3hD39uRnt
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:45 GMT
etag: W/"ade10e96d1a6167e9f74b18ab2d1c712"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ABn0k6nxOQsFQN8vKGrxBW3IyEbKXRamwxzcM1p-AsDiktlGF8j4jg==

GET
H2 200 d3e0b27b541a88b56439.chunk.js Show response
dashboard.sezzle.com/customer/ 56 KB
21 KB 96ms
88ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d3e0b27b541a88b56439.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e2882c75a51f032a909646b655716c9aeca963eaf6e457aa818ba3bf70701c5c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Av1FAuiAUpR2tZBHTHtoY5xCwpBSGnkY
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"7bb185181a0a366cd5aa4141556f4fb2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: BWiPLMsTBnXRcOHXm9GKnK6CeYnW3U0vabXQRkU0y9wlMgEY78PfGg==

GET
H2 200 95752ac49145b73483d1.chunk.js Show response
dashboard.sezzle.com/customer/ 39 KB
16 KB 93ms
85ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/95752ac49145b73483d1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4687495d5f949c3dd60763ecbc44bf456f66ba0b056281e09e8f17ff59e38c60

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 9H3cj9RFDKobnsOXgEP2zUjwbJkdHGNj
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"1b9380fc11cfc57a14c8d27b5a8ca2bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: tjrH3tyeAl-JjhaFqX5OvDMfcYPzvQ-eDoh5n10UcT-THqHVBsXtgw==

GET
H2 200 2ab49f425c4ecbd2def0.chunk.js Show response
dashboard.sezzle.com/customer/ 10 KB
6 KB 101ms
92ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/2ab49f425c4ecbd2def0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

610d8e1d8151c6943263693eae2cfd3cdc8d9b812664d404e02d9eebf44c94c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: z2LydNr6MlUPScg9cgY5UoXTMuemZHcj
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:46 GMT
etag: W/"f8a4b3b559a9331ae0e8672086d97d6e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: WSQMVEiFzoFRXkEjNOlPsbKhwCFgUKJeQ3iqJ_9ZCSlg8bkG81M7AA==

GET
H2 200 4aa5798b018517a651a0.chunk.js Show response
dashboard.sezzle.com/customer/ 23 KB
10 KB 105ms
97ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4aa5798b018517a651a0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a08011e6cd061e441fb1bdb2391e80ec7b4b097df1343bfa535e67c517bdf551

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: CBCVDdWzo2wE752055PV_tCdzuj4fBuI
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:49 GMT
etag: W/"48c14417179070d1f40bb8eb39857b45"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: IJRReieBjleOnV4tMlREXCXrI6AB2fv-qOqKERlPv9jAWuTHAJHzPw==

GET
H2 200 3f4aba9f5964d1741939.chunk.js Show response
dashboard.sezzle.com/customer/ 7 KB
5 KB 95ms
87ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3f4aba9f5964d1741939.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

af85a45aa9c497cbf01823a3daee862d719296be13ece8b840b279fe51282421

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: TCZrJWyqfu7.QZ1vs9Kb_HQuXn4cdR6f
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"852f1eef526d5fedc826fc035b3be58e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: WhcNXSUTOG0Z--0Ib-JBn8m4kIaQyfRG9I8qZHiLB2nEKLvQwfJRLg==

GET
H2 200 e59c6fe11a33b04e5de4.chunk.js Show response
dashboard.sezzle.com/customer/ 8 KB
5 KB 105ms
98ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e59c6fe11a33b04e5de4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

728e64485a8286649003073c39452a8810e16e1d8586229b38a8667539bc52bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: je8cvYEpIEMhquUHnu7zGL6QQtK2nmM1
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:59 GMT
etag: W/"840bb8ebd19dea484d2958c0794a6680"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: czEM-lnlUT2AQElM-ZKcL-Q-y2unuMCoQ4OvFDveYKHVF1H9_8UW4Q==

GET
H2 200 4a0ba63f290972189691.chunk.js Show response
dashboard.sezzle.com/customer/ 24 KB
11 KB 96ms
89ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4a0ba63f290972189691.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

56788096c1fb5930a89f647591c7fa9b796b20a3d1a1a1ffe3a5b28b203f5cee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: lqstLEJQAaPgqviswpynovkrV1EWSjlB
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:49 GMT
etag: W/"2e79e8d8953e45a1a4715699a89c5f67"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: wgIPStZcnYiNK6GIPA7uqFV-LSzmn3-aPtmUtutuBjLxeqZAXPMkWA==

GET
H2 200 6e31ce2f1fc37086bb29.chunk.js Show response
dashboard.sezzle.com/customer/ 8 KB
5 KB 97ms
90ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6e31ce2f1fc37086bb29.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e073520b685fdc2d8ddf5b03142f7a01706d3f9df6cfe66129d7569a160b8778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Djlv3to_rFF.BN2Wf2FVe.iBJjPd6xRL
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 31
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:52 GMT
etag: W/"9730e1c8997c033ac7f896d4af7c7b7a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: K8kLEBGMg-dafYcOzaeDEX5gCm7cX-OjEYoJmdISGcOm88r5bpRFiQ==

GET
H2 200 c5b620c163f3b359d753.chunk.js Show response
dashboard.sezzle.com/customer/ 5 KB
5 KB 98ms
91ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/c5b620c163f3b359d753.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f48defd2bfb987f2a3acb802df054101893eb04ab9b2f59313967abd9650b0cd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: xVhiCoP20kW_3EHNsgQq0_9O4Qb2VMSB
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:42 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 485
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"7e744e4fd8e8742c31957d5d10e6bb92"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: YtwFB13BN4O4Y6AvpI-rpvUSXE1fyVgkz7nB27RsBUyPOhJEDIDbyg==

GET
H2 200 b508ebff5126e8474986.chunk.js Show response
dashboard.sezzle.com/customer/ 5 KB
5 KB 103ms
96ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b508ebff5126e8474986.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fd8ff49f0d1231d3c0622c65c5baa063154f846ad4a6cd1b326027dbdc38972b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: C7offsHQ15vJOwidF4SEdkxMjwNe1DBt
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:42 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 628
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"0f404629773d7dfbc53cb32d8be36160"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 3LTrAoGC4GUf-nfKsYf_OingcRzeboa2mXztxkj1RjaiSmeUCRFnAQ==

GET
H2 200 95d58c447de1b1125092.chunk.js Show response
dashboard.sezzle.com/customer/ 2 KB
3 KB 99ms
93ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/95d58c447de1b1125092.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5329cabb2252bc0d7c965dc32d150acc2c38898bd28d69fa1f77da0a0d926664

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: RF0XIDEtQiDBR6BdefMb5FedIeGcb4S0
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 84
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"fbbdf2f0584153948c482292cb788672"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: IPKupNXBvj-1cTAqlGmTLYVg8wa9-91LGcDbcxR_mDCa00GaVZVOBw==

GET
H2 200 94376e38e631783ec8d6.chunk.js Show response
dashboard.sezzle.com/customer/ 5 KB
4 KB 101ms
95ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/94376e38e631783ec8d6.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e6164bca73fd43eef02c5f6493c42ba694363b56b1f01a67c739eaafe4ea7752

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 0zfOvoalffm5Gu93cvqwcPyibzJiTnl1
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 31
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"e5000863dc7f1cb73321a067312ddbe1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: EmIDiR7hPM1TKVEmhQScoifURCbwFZRxbKf9sY06n3YbhQ7QsoLAsA==

GET
H2 200 8e0a43f0256a3165a631.chunk.js Show response
dashboard.sezzle.com/customer/ 31 KB
13 KB 100ms
94ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8e0a43f0256a3165a631.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ba57e1a023dc2bd8f5c00b7b598abef0a66e2a7e71d16cada63cb0c91aa0b3b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8htcNlTOuL7JWTvs4MkKHM.fx9HkUyaj
content-encoding: gzip
date: Mon, 04 Mar 2024 23:00:02 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 750
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"e0ad4fc8f23377c5c613327173c47c2c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: KyTjH2_wZwxqzTgt9TtcQ2wnhI5n37fw5ZSuryU9QNIrklZZYLfFZg==

GET
H2 200 ac57f8f9067d4879c0f1.chunk.js Show response
dashboard.sezzle.com/customer/ 7 KB
5 KB 110ms
104ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ac57f8f9067d4879c0f1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2685c4b455ba0dac720ced0b65525c8610fb9937911f75f2fd02c29c85877e44

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: J9fi.cTYYN2z82kYLChT0Bo2PTCwKUu5
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"629390b82dfe140f74da9e6e1f95a8e5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Yoiy_rkhVpOpsMiHHYYLqNeB7nvBp541bE1vK5NwvfVBkxBkRcUQ9A==

GET
H2 200 27fb5d991e982837bbb5.chunk.js Show response
dashboard.sezzle.com/customer/ 5 KB
5 KB 100ms
95ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/27fb5d991e982837bbb5.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

331729aa6155f2c5c478d0e84c1586d36f9d07be105b7915122f203456a67508

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: vKV7uaNwLHadECpseAn8jVoi_KCNB7K3
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:11 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 32
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:46 GMT
etag: W/"7b955c222395f234a9f383c12f22e377"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: lEMbuL-UIdSGzPBfHqvj-kGitLuYv-aZSPrWNZqLLYF9Q7gFaWZKXQ==

GET
H2 200 a9d6d3a56f7a41a1ba30.chunk.js Show response
dashboard.sezzle.com/customer/ 75 KB
22 KB 110ms
105ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a9d6d3a56f7a41a1ba30.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d56c4a631835ff8ba3246e75795f021f0d6c9883002429efdb4fafee37b2b134

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: aNgyOjAezw.U6R_NiNIY4dggmpljONui
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 94
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"adb74a39527c2a35c5805f63d11a9499"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: dOOKTIK6A17tJP3GP_1nek_kg-Wgy3Q7wGZvWK9wSiRjqCC9EUI8oQ==

GET
H2 200 7a6fdb1ce14b04b2cb7d.chunk.js Show response
dashboard.sezzle.com/customer/ 160 KB
46 KB 102ms
99ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7a6fdb1ce14b04b2cb7d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c834e5a157df7a9e166541d7a9635fcd5aa6a7f813770cf4043dcb64d4d3e086

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: iQq2vAlpLn1EFGqZC3Afe6jaXvXdKrrZ
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 31
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:53 GMT
etag: W/"d35a2136a1450561976965fd1330dcd8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: UdJEAJE6G4Uurp5mFsE13KyfNBcm228mY4GR-HvljJureZQcfw5zJQ==

GET
H2 200 a45c59dc5ba886671582.chunk.js Show response
dashboard.sezzle.com/customer/ 53 KB
24 KB 103ms
100ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a45c59dc5ba886671582.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6a4a5705d023378c533c36e7aaacb593ad907032e01f6f3b158774706ce108fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Rp1UxVP.LoEwZveGh7SMxK2f3wK3pu31
content-encoding: gzip
date: Mon, 04 Mar 2024 23:11:13 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 31
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"8fb1fea3a59a8c77a58813efb51699dc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 1-WeqYwQljC4O1W1Os1PYmqb39kfxjv85JOvnhO9aqjTtK2Jfoi9oQ==

GET
H2 200 d06a69625cde48cfb5ea.chunk.js Show response
dashboard.sezzle.com/customer/ 30 KB
13 KB 104ms
101ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d06a69625cde48cfb5ea.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

42d7398b0280a9a292a781882939e8323f2fe5978f3612ce02ff974dd54b67d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8y4.x6NoSTj7W7GaiU7ENsfHFyrdTxT1
content-encoding: gzip
date: Mon, 04 Mar 2024 23:01:49 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 611
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"8331bcefbb87bd895dc3d8e2ac202d8e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 1HLfCy_T0Qr3GWJBlifNy5HVuk6LqCfbbHiUby-aD9oO-VJBX-ggKA==

GET
H2 200 917019a0d5c385f61289.chunk.js Show response
dashboard.sezzle.com/customer/ 9 KB
6 KB 117ms
114ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/917019a0d5c385f61289.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f497db96b89fee7a651332b6134a8cbd2e664c4d72e9580fd11906595be6178c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: BdSjTah1zF9m4KBoOPT8nwGlybqGqyQN
content-encoding: gzip
date: Mon, 04 Mar 2024 23:03:07 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 514
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"d3af360547cac6e490a6051af4419e9e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 88KikiMegQfzDEXr27bvb7Axd6sqXNv9CXd5pueh1ZVHgtu3Tkui4A==

GET
H2 200 ae9aa0023644c0c6bd7d.chunk.js Show response
dashboard.sezzle.com/customer/ 452 B
3 KB 40ms
40ms Script
application/javascript 2600:9000:2501:ae00:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ae9aa0023644c0c6bd7d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2501:ae00:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c9915b26519cb05760f5342fe00cd0e5084fa5bb74da7f23babf9959761b73d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: fkdcjEj5FEi8izhjHTOvZlzlslQQO1ZQ
content-encoding: gzip
date: Mon, 04 Mar 2024 23:08:36 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
age: 185
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"51d3d543819542bc182233d9d721c530"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: guWr4Yofw7EpSOz8j1NwywXXvo4_VigIne1BSyQvWWwJJvMAgy3-RA==

GET
H2 200 Sezzle_Logo_FullColor_WhiteWM.svg
media.sezzle.com/branding/2.0/ 6 KB
3 KB 35ms
35ms Image
image/svg+xml 2600:9000:26a0:4600:1a:9a9d:1e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sezzle.com/branding/2.0/Sezzle_Logo_FullColor_WhiteWM.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26a0:4600:1a:9a9d:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ecb150c6330eec924c4ae2143b3d45606cd7355214c53c22a7a6810bedd8b239

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 09:31:56 GMT
content-encoding: gzip
via: 1.1 b00903dd6c0e35a04eab89fc03a8023e.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
age: 49186
x-cache: Hit from cloudfront
last-modified: Tue, 11 Feb 2020 17:10:33 GMT
server
etag: W/"0fb7c8e946de60d298e697e3143a598e"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding
x-amz-cf-id: qXuoyGjR0u5yNblAr3KWJQ6eGnijdvmBdn6G_fRmdlKIDY_cxnbmdA==

POST
H2 200 gt Show response
api.sezzle.com/v1/accertify/browser/beacon/ Frame 5EBE 39 B
1014 B 108ms
108ms XHR
text/plain 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/beacon/gt?c=gLaZegefMpAvkrns_6KD2oLP8FU

Requested by

Host: api.sezzle.com
URL: https://api.sezzle.com/v1/accertify/browser/beacon/bf/bf.html?v=202302_01

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

b8951d842b2e9995bf30fbe3f1cb069a7b4ab0aa0ce3b9438e4022a2354c0996

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://api.sezzle.com/v1/accertify/browser/beacon/bf/bf.html?v=202302_01
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 23:11:41 GMT
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-amz-cf-pop: HIO50-C1
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: text/plain;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 39
x-amz-cf-id: Kr9agWmRIflZvn6Oyl_MKsS6fnFASHlQO-DnhqusOHwcCsqGjouW9Q==
x-xss-protection: 1; mode=block;
expires: 0

OPTIONS
H2 204 create-event
api.sezzle.com/v1/event/ Frame 0
0 93ms
93ms Preflight 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Content-Type,Access-Control-Allow-Credentials,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,*
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Mon, 04 Mar 2024 23:11:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

PUT
H2 204 create-event Show response
api.sezzle.com/v1/event/ 0
795 B 108ms
107ms XHR
text/plain 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
Content-Type: application/json

Response headers

date: Mon, 04 Mar 2024 23:11:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

GET
H2 200 ipdetails Show response
geoip.sezzle.com/v1/geoip/ 239 B
1 KB 298ms
96ms XHR
application/json 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://geoip.sezzle.com/v1/geoip/ipdetails

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

d885f662a01ef85037e7a902a2b82c55641947a042ec20ba3a026ed5e6577e72

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:41 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
content-length: 239
x-xss-protection: 1; mode=block;

POST
H2 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
82 B 418ms
227ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=13FHV&UserId=15ec4d89-a760-4e71-a776-3919cac7412c&SessionId=65f2c1db-c386-4aae-830f-0b5311b2706e&PageId=a2b40466-99c2-4e3f-b5b2-f47bae80bd1f&Seq=1&ClientTime=1709593901790&PageStart=1709593900721&PrevBundleTime=0&LastActivity=583&IsNewSession=true
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 7cab41f89d780ceb2ce2779489729a8e9de14f5a1afdc3104087f323157b5d4b

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://dashboard.sezzle.com
date: Mon, 04 Mar 2024 23:11:42 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 58ms
56ms Script
text/javascript 2607:f8b0:4004:c07::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27fb5d991e982837bbb5.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

906ae1d4cb195d4a42184f1adf9874f3b04934ce724e6d9fd900010b2b7f15eb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 04 Mar 2024 23:11:41 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ 492 KB
196 KB 104ms
34ms Script
text/javascript 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199830
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 23:01:49 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 42ms
41ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=45je42t1v886187776za200&_p=1709593899656&gcd=13l3l3l3l1&npa=0&dma=0&cid=1315921896.1709593900&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAC&_s=4&sid=1709593900&sct=1&seg=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Forders&dt=Sezzle%20Customer%20Dashboard&en=page_view&_ee=1&_et=131&tfd=3059
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 23:11:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A96B 47 KB
29 KB 54ms
54ms Document
text/html 2607:f8b0:4004:c07::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=en&type=image&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=invisible&badge=bottomleft&cb=fv6bzift4f7l

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/1a256f2d971cdf513dde.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

459bbda674430d88f7ebfecf7f9d593d6546efd852e7d874034131d8162aba83

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q9ZfdFusLSByzeIgDzm2jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dashboard.sezzle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-q9ZfdFusLSByzeIgDzm2jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 23:11:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 US.svg
media.sezzle.com/style-guide/flags/4x3/ 4 KB
1 KB 35ms
35ms Image
image/svg+xml 2600:9000:26a0:4600:1a:9a9d:1e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sezzle.com/style-guide/flags/4x3/US.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26a0:4600:1a:9a9d:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 07:12:13 GMT
content-encoding: gzip
via: 1.1 b00903dd6c0e35a04eab89fc03a8023e.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
age: 57570
x-cache: Hit from cloudfront
last-modified: Mon, 25 Oct 2021 18:50:36 GMT
server
etag: W/"ae65659236a7e348402799477237e6fa"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding
x-amz-cf-id: klzIHLsMxILVoA-Ycu_l14KTSdI0suL5peH3Sl_8yCyJyxZIh0-upg==

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21da150e778cbee434f52bb5821b733763959c6f7626192162cb6fb9c9164dab

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pro-fa-duotone-900-17.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 10 KB
10 KB 44ms
43ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-duotone-900-17.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f764571417fe58ecc73b9f4af51a5f12c3be03f3c8dfa22b923d00691f1e313

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:42 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:29 GMT
server: cloudflare
age: 6918781
etag: "6568cc19-2964"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85f58c00deb7236a-EWR
content-length: 10596

GET
H3 200 Satoshi-Medium.woff
fonts.cdnfonts.com/s/85546/ 30 KB
31 KB 40ms
39ms Font
font/woff 2606:4700:e0::ac40:6206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/85546/Satoshi-Medium.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/satoshi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d658396bf8d79e6ddb9e73232a32101d804442d49db20d04f81fb10cfdf2bed

Request headers

Referer: https://fonts.cdnfonts.com/css/satoshi
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8161061
alt-svc: h3=":443"; ma=86400
content-length: 31024
last-modified: Thu, 21 Jul 2022 09:05:41 GMT
server: cloudflare
etag: "7930-5e44d059ed553"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tkkRA34x2r7U2sG7XY1tBYM%2B9Qjtm%2F2gGEQW8Xbc2d8owAWpN%2Fy2kcS9eJ%2FqR4N7Hncap7mmrSG19fK6Ivzpox969jUJmuMUBwThyENwXbu0R3Xjk7VJXQga4ENt8lYPekSGQwsnS71saC1ueVhS7M%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85f58c00dbcd78dc-EWR

GET
H3 200 Satoshi-Bold.woff
fonts.cdnfonts.com/s/85546/ 30 KB
30 KB 73ms
72ms Font
font/woff 2606:4700:e0::ac40:6206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/85546/Satoshi-Bold.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/satoshi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 792db0323d321c394ef17d32c17f750f09917310f05a7796ef9639556c3db984

Request headers

Referer: https://fonts.cdnfonts.com/css/satoshi
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 631369
alt-svc: h3=":443"; ma=86400
content-length: 30668
last-modified: Thu, 21 Jul 2022 09:05:41 GMT
server: cloudflare
etag: "77cc-5e44d05a5a76f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STmIBg9NdTDg7FJ6uxWAosgkhmtFWbk%2Btp15iu3eHKiveLUtl6uh%2F%2B5nrMp8%2BuA3tdkgT041BVoLggAM%2FE7a7SoJLcaDoVa3HO9KSJO9vH693CogNI2vsIqiYOUxHjQm1%2FD3LOO5FwbTdf29nKG%2FLOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85f58c00dbcf78dc-EWR

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame A96B 55 KB
24 KB 105ms
37ms Stylesheet
text/css 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=en&type=image&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=invisible&badge=bottomleft&cb=fv6bzift4f7l

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 15:05:34 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame A96B 492 KB
195 KB 102ms
35ms Script
text/javascript 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199830
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 23:01:49 GMT

GET
H3 200 IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response
www.google.com/js/bg/ Frame A96B 17 KB
7 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c07::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=en&type=image&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=invisible&badge=bottomleft&cb=fv6bzift4f7l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 17:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6933
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 17:40:57 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A96B 2 KB
2 KB 35ms
34ms Image
image/png 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 06:28:54 GMT
x-content-type-options: nosniff
age: 405768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 07 Mar 2024 06:28:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A96B 15 KB
16 KB 105ms
34ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:10:54 GMT
x-content-type-options: nosniff
age: 417648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:10:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A96B 15 KB
15 KB 112ms
42ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:16:00 GMT
x-content-type-options: nosniff
age: 417342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:16:00 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame A96B 102 B
135 B 47ms
47ms Other
text/javascript 2607:f8b0:4004:c07::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c8decb7c7d17d6353f74d740f2afba7886d2c53e0b3d10a44ae1ad7738316ff9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=en&type=image&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=invisible&badge=bottomleft&cb=fv6bzift4f7l
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 04 Mar 2024 23:11:42 GMT

POST
H2 200 pv
sezzle.zendesk.com/frontendevents/ Frame 1C04 0
0 107ms
106ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 04 Mar 2024 23:11:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqADz%2BAPjezqIACPMrO5CmGiwgi%2Fy%2B9Ef1W%2Fp61SMozenBt592v5%2FiP%2BzE1UDj8uFt5u8MigeVh99iD0Au0FFz%2BJ4WopzXlNmTb2%2FeR5Rslk3NOzZMD4k6Ep3NgTVIa6ZWqTbg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 85f58c03fc90a252-YYZ
content-length: 0
x-request-id: 85f58c03fc90a252-YYZ

OPTIONS
H2 204 pv
sezzle.zendesk.com/frontendevents/ Frame 0
0 130ms
129ms Preflight 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 85f58c031a6da252-YYZ
date: Mon, 04 Mar 2024 23:11:42 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbTF5HoVqSanDGE5%2BolkAOrltRm%2B1GtwPoYEPiX5qijIszkwP4SblRagaHkgOb%2BHrBzUiigPp8kWiAMXFMMIQu%2FUUjU4YmATzgMh5e3YM21RYNkuuHRvXfyvdVpF%2BFTvVp6Jxg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 85f58c031a6da252-YYZ
x-zendesk-zorg: yes

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 5BCA 7 KB
1 KB 50ms
50ms Document
text/html 2607:f8b0:4004:c07::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee6097b8f20bd3656e265a66810cad1939f72a3a99aafccf36296131169d0a37

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EmOhj8Y1gAzo5XkkYT8ZuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dashboard.sezzle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-EmOhj8Y1gAzo5XkkYT8ZuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 23:11:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 5BCA 55 KB
24 KB 37ms
37ms Stylesheet
text/css 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 15:05:34 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 5BCA 492 KB
195 KB 39ms
39ms Script
text/javascript 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199830
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 23:01:49 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 5BCA 21 KB
15 KB 85ms
85ms XHR
application/json 2607:f8b0:4004:c07::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0b5590896754fe21d6ee4b89c1d9f90c6017c9e8f343f9a1d9f5e06f0136d8fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 04 Mar 2024 23:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 04 Mar 2024 23:11:42 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5BCA 600 B
624 B 36ms
34ms Image
image/png 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 06:16:31 GMT
x-content-type-options: nosniff
age: 406512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 07 Mar 2024 06:16:31 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5BCA 530 B
554 B 37ms
35ms Image
image/png 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 06:36:20 GMT
x-content-type-options: nosniff
age: 405323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 07 Mar 2024 06:36:20 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 5BCA 665 B
689 B 38ms
36ms Image
image/png 2607:f8b0:4004:c19::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 06:40:20 GMT
x-content-type-options: nosniff
age: 405083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 07 Mar 2024 06:40:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5BCA 15 KB
15 KB 36ms
34ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:10:54 GMT
x-content-type-options: nosniff
age: 417649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:10:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5BCA 15 KB
15 KB 49ms
48ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:49:00 GMT
x-content-type-options: nosniff
age: 418963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 02:49:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5BCA 15 KB
15 KB 41ms
41ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 03:16:00 GMT
x-content-type-options: nosniff
age: 417343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 03:16:00 GMT

GET
H3 200 IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response
www.google.com/js/bg/ Frame 5BCA 17 KB
7 KB 35ms
34ms Script
text/javascript 2607:f8b0:4004:c07::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 17:40:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6933
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 17:40:57 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 5BCA 27 KB
27 KB 52ms
51ms Image
image/jpeg 2607:f8b0:4004:c07::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA5pEF8FwpXLjA9rrOsXdHuFqhkmxudqVZSV4vPbyA2iYj8YnXY9pWEAAbi_oUU50hCtxgkFtUo6q7EOV5Am9dORyfwO_TMeRKh-cFuE_-c9Q1L_q8O1ZC_osg2_BrOQRhXm9m7P0LS7216lbvSm2ZKlnczAzk0ToL-oVLl7d8qOEf3hJYCYXxHUro1GKS4QNuOFcZAoSZZNwyUyGK8WP9FnmHM_Yw&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f73d9192790ccf7101e372975142ac59352c60789339e9a80c805724382ca225

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:11:43 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 04 Mar 2024 23:11:43 GMT

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 79ms
78ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=13FHV&UserId=15ec4d89-a760-4e71-a776-3919cac7412c&SessionId=65f2c1db-c386-4aae-830f-0b5311b2706e&PageId=a2b40466-99c2-4e3f-b5b2-f47bae80bd1f&Seq=2&ClientTime=1709593905752&PageStart=1709593900721&PrevBundleTime=1709593901875&LastActivity=4575&IsNewSession=true
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 2d0cf1ade679efedc7b45bddd551ebd349b82bbd8de19e13ec1c0ddf57a5c11c

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://dashboard.sezzle.com
date: Mon, 04 Mar 2024 23:11:45 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 40ms
40ms Ping
text/plain 2607:f8b0:4004:c17::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FB5QYFCQBC&gtm=45je42t1v874508995za200&_p=1709593899656&gcd=13l3l3l3l1&npa=0&dma=0&_fid=eDTOGjrlTo3iVoZIkOdsE1&cid=1315921896.1709593900&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1709593900&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Forders&dt=Sezzle%20Customer%20Dashboard&en=web_dsh_refresh_token_login_failure&_ee=1&ep.origin=firebase&ep.metrics=%5Bobject%20Object%5D&ep.szl_trk_ver=v1&ep.locale=en-US&_et=166&tfd=6876
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Mar 2024 23:11:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 23:12:25	Name: _GRECAPTCHA Value: 09AOiBZIDBJZggUpqYRIfTMOG1ySX8Yg4rhf2JR7ESt4krfrB7q_tZJvCecH-31ogiN1383QCLXppv6w5T1009kKA
.sezzle.com/	1970-01-21 04:29:13	Name: trk_id Value: 09101a8a-7cd7-418b-97f9-bde674be1c8c
.dashboard.sezzle.com/	1970-01-21 03:38:49	Name: szl_wpe_sid_lt Value: 829c617e-74c3-44eb-8e5f-2a9049c91d00
.dashboard.sezzle.com/	1970-01-20 18:54:40	Name: szl_wpe_fs_rand Value: 0.1133845130627067
.sezzle.com/	1970-01-20 21:02:49	Name: _gcl_au Value: 1.1.1995405176.1709593900
.sezzle.com/	1970-01-20 18:54:40	Name: _gid Value: GA1.2.1510933056.1709593900
.sezzle.com/	1970-01-20 18:53:13	Name: _gat_UA-72079130-32 Value: 1
.sezzle.com/	1970-01-20 18:53:16	Name: szl_wpe_sid Value: 260fc50b-1a14-4c54-a134-2bb5ed30b71a
.sezzle.com/	1970-01-20 18:53:15	Name: fs_lua Value: 1.1709593900719
.sezzle.com/	1970-01-21 03:38:49	Name: fs_uid Value: #13FHV#15ec4d89-a760-4e71-a776-3919cac7412c:65f2c1db-c386-4aae-830f-0b5311b2706e:1709593900719::1#/1741129900
.sezzle.com/	1970-01-21 04:29:13	Name: _ga Value: GA1.1.1315921896.1709593900
.sezzle.com/	1970-01-21 04:29:13	Name: _ga_FB5QYFCQBC Value: GS1.1.1709593900.1.0.1709593900.0.0.0
.sezzle.com/	1969-12-31 23:59:59	Name: IR_gbd Value: sezzle.com
.sezzle.com/	1969-12-31 23:59:59	Name: IR_22203 Value: 1709593899851%7C0%7C1709593899851%7C%7C
api.sezzle.com/	1970-01-20 23:12:25	Name: _cc-x Value: ZjcxN2ViOGQtNmZjZi00Njk1LTg3Y2ItYjA1ZmVkNTFiM2M3OjE3MDk1OTM5MDEyODY
.dashboard.sezzle.com/	1970-01-20 18:53:14	Name: _szl_login_success_url Value: /orders
.sezzle.com/	1970-01-21 04:29:13	Name: _ga_1MJLY6RLKW Value: GS1.1.1709593900.1.1.1709593902.58.0.0

47 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://dashboard.sezzle.com/customer/orders Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://utt.impactcdn.com/A4960984-1d8a-4877-8732-da02a6e830751.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://utt.impactcdn.com/A4960984-1d8a-4877-8732-da02a6e830751.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/39cfd9d68f2c9f4567f8.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/39cfd9d68f2c9f4567f8.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4793dd1.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4793dd1.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4793dd1.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4793dd1.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4793dd1.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4793dd1.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
network	error	URL: https://api.sezzle.com/v5/shopper/auth/status Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://api.sezzle.com/v1/accertify/browser/client(Line 4) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/1a256f2d971cdf513dde.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js(Line 321) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js(Line 321) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js(Line 515) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
other	warning	URL: https://dashboard.sezzle.com/customer/auth/phone Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dashboard.sezzle.com/customer/auth/phone Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.sezzle.com
apps.rokt.com
dashboard.sezzle.com
edge.fullstory.com
ekr.zdassets.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.cdnfonts.com
fonts.gstatic.com
geoip.sezzle.com
ka-p.fontawesome.com
kit.fontawesome.com
media.sezzle.com
o215203.ingest.sentry.io
rs.fullstory.com
sezzle.page.link
sezzle.zendesk.com
static.zdassets.com
stats.g.doubleclick.net
utt.impactcdn.com
websdk.appsflyer.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.16.53.111
104.18.72.113
2001:4860:4802:38::181
2600:1402:8800::1728:cdc1
2600:1408:ec00:1f::1735:23ca
2600:9000:2501:ae00:5:2c64:75c0:93a1
2600:9000:26a0:4600:1a:9a9d:1e00:93a1
2606:4700:4400::ac40:93bc
2606:4700:e0::ac40:6206
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c07::63
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c09::9b
2607:f8b0:4004:c17::65
2607:f8b0:4004:c17::84
2607:f8b0:4004:c19::5e
2607:f8b0:4004:c1d::5f
2607:f8b0:4004:c1d::61
34.120.195.249
35.186.194.58
35.186.249.72
35.201.112.186
44.240.237.16
02acb3a931a490a38b431acac3b5142d9a4cb329f56a1e8cbf958ea343f9d710
06abef871ccd877aa811df66b404dc3b03b6190eeaedc9fbea871bc76c8ca708
07d91c3b213fdc870c999e1a1ff7da36f7099c3f5fe8834e3da35b98745815c5
09a5e4486967e411d4a219438a2730710c4e5246ea881d4d752236702b04bcd9
0af30bed965fb5937a986433a2bb22744df26f072898c2b5bd49a8cb916b2478
0b5590896754fe21d6ee4b89c1d9f90c6017c9e8f343f9a1d9f5e06f0136d8fe
0cea976a98f3aef8dea3aeb95cba0fb55975d754ba9fa137ef0df4bb4a8abd16
10ce24690b94192c854b02d32a9e4bf4a35cc0e00ca13d93837dff6a583ea6b7
12a62e57b0cd57becab5d7492e33f8d8a82598b59f025b9b68266ef11cec6f97
1336bbfa75986307337a296928312163d7532f985f0ea50b80da0df0fb143be1
13a4965268e155d384d61a2dfd9f3103e4f8d16f278a3995182582888fa9442f
17bc25971fe2456cb6aac9a74191383b037ec64f700d1b48e8db5f3419bce615
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4208a296b92abe95b24fd6e2c668374088d990f3d14e2d13e09f3b63aadc82
1cd32fb1f680b7247e502ea79611b4a675e34a64d1ee455f24fd89d8c3e286ed
2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508
21659c4eb8d562932783c9df9d9f84c463374874b3c4337dfa8da2f26a52d0e6
21da150e778cbee434f52bb5821b733763959c6f7626192162cb6fb9c9164dab
21db081eb7ac1b20e84ea055a3098a8e6c31cb6b6289b904f9bf097fe4519326
2200f3c67de233a0b257972a6223ea86343fb8426031e631859303a9895224d3
2685c4b455ba0dac720ced0b65525c8610fb9937911f75f2fd02c29c85877e44
27ed6b06e0cda97d22cbb69ca97150d55f1471e37bc8ef676eec12085b1eeadf
27fef8b7c835ff3b03eac06320d32ae0ae1abc01e22dae25877394fdbef91dd5
2b3cf99ce39e5fc49169454f5639b5341dba747f16e3d01a5b9ebf50792e9a1c
2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7
2d0cf1ade679efedc7b45bddd551ebd349b82bbd8de19e13ec1c0ddf57a5c11c
2e4de7dae6b934307dd05a7c6f00b6c2403f421a17a60d15a75bb53f3653ce8c
2e9fdf41e927632e9a3e0ed78fc3d2f738985588dedf5100a451a37cbc79427f
30c0009c5fddde62a1312b7ebf91622755c72e55889b58e83a60c6efe120cba3
323289ac51092c7452652cac984addad19c087599ddad6047680cc450737bf7c
331729aa6155f2c5c478d0e84c1586d36f9d07be105b7915122f203456a67508
390e9c43bfed154fd39c9da5fcd4c47a52f15be64142a0d0210dde445c8f3b93
3c0d0133f0c4de69506db43902173fb3e04ca467c2e4f03453247a544fe7c122
3c6741fe10b253685afecc25951dd7f312f188770982f10901e3a4489212a639
3cf234b43fbf4004be8de7f21bf3ef6805c6098e26b6b7df7b032b215a15686f
3dec5801deb5afcfbba10143e916dbe8dc3ab43cfd66b5959b3438bff79b362e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
40119ccc2391549e35936f246cb1d00aa80af10b043d8921707aa4b8f8794593
42059c83cda49bdd4a9f75a40de405486d3c6189a75ec735079082e581736d03
42d7398b0280a9a292a781882939e8323f2fe5978f3612ce02ff974dd54b67d2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
459bbda674430d88f7ebfecf7f9d593d6546efd852e7d874034131d8162aba83
4687495d5f949c3dd60763ecbc44bf456f66ba0b056281e09e8f17ff59e38c60
473c4125036bc972f2b7bb44ba1c2e60d33d833e65a5df955c42986605433e11
49287ad627da920abe10f8c32a67ce79e1412cdb2c28b71636bbe49c01269cda
4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c
49ea5f70b0d2a274bc5c16aa28860db756a41ae130db094219553e1202c49461
513e2e658ba33541f5efd67ff78f097c3b657accbe74128ae8723cd5f9ca139e
522f4862985232d255f9d661c224d3a310edd3e83670b1029f8638da4d80476c
5329cabb2252bc0d7c965dc32d150acc2c38898bd28d69fa1f77da0a0d926664
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
56788096c1fb5930a89f647591c7fa9b796b20a3d1a1a1ffe3a5b28b203f5cee
58db900dd31e630f1cd80ff2bb7a0e31d93f6befe06f2d8c715078fafc316bf5
58f2ed3e8753b14d9456de59f7a58f5089c81d1ce6691d80bbd4e58f145ffd2c
59384dd8611f360e5171a55c292a0366aee82216b97b69926b53c0d363d6f4e7
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be2771ae885644411528cd0eff321fa2df56889ed0fb37cfeb71fc84ac2baa8
5c7b2daccaa86ff27c8f6cf5f9065e7ea889bf81974788d33ae7f374e76af5fc
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
610d8e1d8151c6943263693eae2cfd3cdc8d9b812664d404e02d9eebf44c94c7
64e789592ed9a2fd71609499e021582a41e5a2c10544ff3f40c55e0ce3f846ea
664b7437f0be6a1b81d05898e82d23ead604f9c0e6e55cdc12b62517d569bda5
673f89dc34eceb6222ee6e1bbc98234b8f4c732b2e9b9b53c9997604f53c818f
68f77d9099488ee3f6a627e16f33e6180039b6ddc9e6726e1c90d7b5f6a89727
69fef7bf67ead0c4c2df08be990ee582b4b0c2366efabc0418b2be2abc75bb4b
6a4a5705d023378c533c36e7aaacb593ad907032e01f6f3b158774706ce108fc
6ade13e50ff336593cdc7ec2833222c9cbbb0277d5ad527f46d55eb4b69b379e
6aeee8d7b8f59a4332c9d10016b6d08ce58270a1ba6e5e3964e4a67ef44659a2
6b47c4528dcccce6b16e72adbcc0fb9c1eaf2ad30d2e5c65f4dcaad6377b04a7
6f764571417fe58ecc73b9f4af51a5f12c3be03f3c8dfa22b923d00691f1e313
70cf755a9663f67a8407b0f8ed1d1d6de28e9f5f50a395e451a9e4a5497a7e71
712a5571b1b8edc58a10b34458498bff2e659c2f8308eaa58a14762a075d96a0
717112af25d13661b3aa7c132f2808df5b79927791276649129fb557d4b299c4
71816d19f3c78f7daf80b4896a0338a8568e76e3bc4efd7e67256cc1abf8fedb
728e64485a8286649003073c39452a8810e16e1d8586229b38a8667539bc52bd
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
792db0323d321c394ef17d32c17f750f09917310f05a7796ef9639556c3db984
79950339dfc483abfcf10045c47ec407b588491a997be78515a7bcc6e8969994
7cab41f89d780ceb2ce2779489729a8e9de14f5a1afdc3104087f323157b5d4b
7d658396bf8d79e6ddb9e73232a32101d804442d49db20d04f81fb10cfdf2bed
80080ae17ff6ba3e611117777b04fdbf6ab92724cd06e39ce2992c5d3f2fad8e
80c822353f44990f2c89c8e88754abaef869bfef375afbf92a9ec209887a1418
8263c8b639e7c85ac4ea3ae79c66121998435e6e49bf2c49c3f4afa836d2f192
8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53
8693741cfe6e78e99a90f48a8c804cef8c863f6b097e8f83edcf4dbdd865fd92
87edf9a6f6a7fa420f950f88deea97be968484bbf0816a761a8abc4745ea0e61
88d624045b77412faf535f751566e042c499c55e5530b50e1416ee3978c02b52
896ef30554316fc11a17a5b7a1cf6b51b35ea78ee16caa14908f3738069a5e27
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8ad0d32aa95f856cef9025c23bdff5f5989e534d1c8931cea5e48f82ec7812d2
8b0b0926dfec435f28f7ad3dadf081db25a48281a0871e60838f132283d14887
8de562b8134efb6c85c9279284b0646a41ad86a85c24adb60a1a124cd3fee817
906ae1d4cb195d4a42184f1adf9874f3b04934ce724e6d9fd900010b2b7f15eb
93119dcb47164a2ee44504fdc8fb5f7c1008fbf6bbe8d9391766f00a553e3dbc
943481c948de51e84c1712ce886e09055eceb6507c2ec8232bae851f13347061
99bb5c2b64458a231a9f1ed8e2d289626be786067987bf1f19c8648437ab8e1f
9dce8600c7be0ea0acdeed698a860b4f18659c3646a1c69ba9b358b8bfcf3095
a08011e6cd061e441fb1bdb2391e80ec7b4b097df1343bfa535e67c517bdf551
a26b69e07e5e11221c8344c7aae174133d215215ad38606295cf9d625814c481
a2ff4f71b15a913185bb1d68d27207208e1b702db5280a9c2ea61b3fc3ec0a0c
a3ab05ae8b6d4a894adbb2de586d14bd1519550b4e417e265f55d5e1a1985157
a410564b2ba34a241512258c1704c97df019b2f288fb406246c4031906f83523
a5f56f1a6e360e8f4041b82c5aba563b80e08042e8a7f449aaebfbbc8f71d1c9
a7c453718fea99e535a377917aec9379f61328d3eff5abc0d25db573e849557c
aa1a6951dc4df4b6dea414a5b29566a4e12a49c75c41d82884c622d4a0f08ce1
ab36f0bc05838b97e42eee189268d7e941d8632dc360ffbee8cbec5e5592d769
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af85a45aa9c497cbf01823a3daee862d719296be13ece8b840b279fe51282421
b017f2e22c74ff6408933a62a1e454cc24563cc931c09fc1c261418fc3a82fae
b04eaaa229821580ca4cc2e060618662115df97cb30f3304fbd5df9fda4d132b
b4bc9b9959b6e88fae373fb381b1e80cc2e59189a828e40ccc9d2e2372e768ac
b61adc5bab4dab58be639408d13602428f5a0fb47389abec2763bf89953c7f11
b67c43dec3a99d3df3014b752c42a7902451392ef9926add891e50e6332c1e24
b8951d842b2e9995bf30fbe3f1cb069a7b4ab0aa0ce3b9438e4022a2354c0996
ba57e1a023dc2bd8f5c00b7b598abef0a66e2a7e71d16cada63cb0c91aa0b3b6
bc48cf66d534f098289d0c917acc8dd370a84107e8e96f980359e86a9fe0b9a6
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c348e8887a521eab3e3bc0dcbc51d8715ca9958d2c4a8c4fea0f0092ea325ac7
c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e
c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9
c39058bfaa5ffdf7f9a21f544743bfcb96baccd342f92ebe7664b6e9f505f84b
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
c834e5a157df7a9e166541d7a9635fcd5aa6a7f813770cf4043dcb64d4d3e086
c8decb7c7d17d6353f74d740f2afba7886d2c53e0b3d10a44ae1ad7738316ff9
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9915b26519cb05760f5342fe00cd0e5084fa5bb74da7f23babf9959761b73d7
cba4e9f49221651805083215191628bf4b784ea057552be102ec23c38cc218c6
cd21636eecb718271e0bfcc0c6c0c63904cd1adea7966713d5d6ae3fee2c99aa
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d0774ab0833d4ea356e13face67b9ef26cd3905df8c413dfe7a60dae7d11d27a
d30dd14334b5505abd75350941f566443edda40a1ace1face82891cf74d6497d
d46df087d03f36f4057c47d5069d1cfb67714c66fd2582d84be7c549706e3af9
d54157f358f32ebfa9ca106e9404970fc991c35895a47eb1ba188e6e707bd518
d56c4a631835ff8ba3246e75795f021f0d6c9883002429efdb4fafee37b2b134
d6f63bec05ca61b82d4a5214252768ace6f439cfedff92d6709167fad01a49d9
d885f662a01ef85037e7a902a2b82c55641947a042ec20ba3a026ed5e6577e72
d9d56505a77ca07e02c200a48794653355e4af338f226fb63ec74fbd2bb97301
dd225ce43e913b2f7422fc6ce4724067a3247440726cfaaab497776241883374
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df178f4d26b40d71cb798f6c3ab847daa25030397c8036a74fef14919f04710b
e073520b685fdc2d8ddf5b03142f7a01706d3f9df6cfe66129d7569a160b8778
e09ab61c035948a8d070b553578b21fdb74e1c25b473d58cb08eb6e264d40383
e2882c75a51f032a909646b655716c9aeca963eaf6e457aa818ba3bf70701c5c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e442c5058403b935e24972da32cde71cd51c6c28b7d1f8d2e178cbe60b1461ae
e6164bca73fd43eef02c5f6493c42ba694363b56b1f01a67c739eaafe4ea7752
e79f7087c53ff40bc1a8f34f441ef05a89ae2d1934d7c869de6062c9a09c41b3
e7d3d6094a85458cd7c2b83f4b41677cadfe0283b9a2551ea5da7ecb449688f4
e8832ef92b7c679b99ad1695c612794844de77eee72b110d0ead766e3f47c043
ead5b9fd461259ad8feecfa206da49d19745aa2a5851c47196e5f1baa7c1a1e3
ebb7b7c8a04f9362c4e0c0fac00524063d95fc3f7be7e25ccf028a06aee3659f
ebdd1fff11eb822d2c2a11ebdd646b5d4fbcc7c0b420380c9e252cffd8936772
ec02ac96296c32840cd7a4359fc49197d31a7a847c05abd3ac60dd4b23cc3834
ecb150c6330eec924c4ae2143b3d45606cd7355214c53c22a7a6810bedd8b239
ee6097b8f20bd3656e265a66810cad1939f72a3a99aafccf36296131169d0a37
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e5640d66c44d407d5bde1f0e1808297aaff94c64946183ee081b4c77dd65ce
f41e2f7f52a09af4f2f4e2e8d6376210c1264ac078f8a2779f2f3485b2a4ac22
f4364d871ffc6e52544e17eaf37eded3c321c62179acaabb65d1d3097782aab9
f48defd2bfb987f2a3acb802df054101893eb04ab9b2f59313967abd9650b0cd
f497db96b89fee7a651332b6134a8cbd2e664c4d72e9580fd11906595be6178c
f4e05073510b39d06591481757c398473fa94eb47bd1ced0c3cbe6e149ff5475
f51a61a19edf4b6568b14a599d10eea93b6e1a0bf6752950cd3f24081a09cfb7
f58521a3ba5107dc421bb5750e85070c60ff87a9c32cb071c0d5a6ee0361ed4c
f73d9192790ccf7101e372975142ac59352c60789339e9a80c805724382ca225
fc02e3a556b5edb0d4dd83a33535313668619fe1cf464b32b5f1ea43d8dd6d79
fd8ff49f0d1231d3c0622c65c5baa063154f846ad4a6cd1b326027dbdc38972b

dashboard.sezzle.com Open in urlscan Pro 2600:9000:2501:ae00:5:2c64:75c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

260 Requests

100 %HTTPS

70 %IPv6

17 Domains

26 Subdomains

23 IPs

2 Countries

4416 kBTransfer

10318 kBSize

17 Cookies

4 Outgoing links

Page URL History

Redirected requests

260 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dashboard.sezzle.com Open in urlscan Pro
2600:9000:2501:ae00:5:2c64:75c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

260
Requests

100 %
HTTPS

70 %
IPv6

17
Domains

26
Subdomains

23
IPs

2
Countries

4416 kB
Transfer

10318 kB
Size

17
Cookies

260 HTTP transactions
1 data transactions