dashboard.sezzle.com Open in urlscan Pro
2600:9000:24f2:200:5:2c64:75c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sezzle.page.link/orders/
Effective URL:
https://dashboard.sezzle.com/customer/orders
Submission: On March 05 via api (March 5th 2024, 10:49:54 pm UTC) from US — Scanned from US

Summary HTTP 264 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 17 domains to perform 264 HTTP transactions. The main IP is 2600:9000:24f2:200:5:2c64:75c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is dashboard.sezzle.com. The Cisco Umbrella rank of the primary domain is 708099.
TLS certificate: Issued by Amazon RSA 2048 M03 on August 24th 2023. Valid for: a year.

This is the only time dashboard.sezzle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
161	2600:9000:24f... 2600:9000:24f2:200:5:2c64:75c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:247... 2600:9000:2479:3c00:1a:9a9d:1e00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:e2:... 2606:4700:e2::ac40:8416	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1402:880... 2600:1402:8800::1728:cdd0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1402:880... 2600:1402:8800::1728:cddb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
22	44.240.237.16 44.240.237.16	16509 (AMAZON-02) (AMAZON-02)
5	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c17::8b	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c09::64	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c19::9c	15169 (GOOGLE) (GOOGLE)
5	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4004:c07::6a	15169 (GOOGLE) (GOOGLE)
1	44.239.107.15 44.239.107.15	16509 (AMAZON-02) (AMAZON-02)
9	2607:f8b0:400... 2607:f8b0:4004:c1f::5e	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
264	23

2 2607:f8b0:4004:c17::84 (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

sezzle.page.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

161 2600:9000:24f2:200:5:2c64:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

dashboard.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2479:3c00:1a:9a9d:1e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:8416 (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.cdnfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1402:8800::1728:cdd0 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)

apps.rokt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1402:8800::1728:cddb (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c08::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

utt.impactcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 44.240.237.16 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-237-16.us-west-2.compute.amazonaws.com

api.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o215203.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c17::8b (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::64 (Washington, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

sezzle.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c07::6a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.107.15 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-107-15.us-west-2.compute.amazonaws.com

geoip.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c1f::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c08::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
187	sezzle.com dashboard.sezzle.com — Cisco Umbrella Rank: 708099 media.sezzle.com — Cisco Umbrella Rank: 33782 api.sezzle.com — Cisco Umbrella Rank: 269328 geoip.sezzle.com — Cisco Umbrella Rank: 481780	2 MB
14	gstatic.com www.gstatic.com fonts.gstatic.com	715 KB
13	google.com analytics.google.com — Cisco Umbrella Rank: 148 www.google.com — Cisco Umbrella Rank: 2	89 KB
8	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 1215 rs.fullstory.com — Cisco Umbrella Rank: 1199	280 KB
8	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2184 ekr.zdassets.com — Cisco Umbrella Rank: 2517	214 KB
7	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1405 ka-p.fontawesome.com — Cisco Umbrella Rank: 3225	146 KB
5	zendesk.com sezzle.zendesk.com — Cisco Umbrella Rank: 342913	1013 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	21 KB
4	googleapis.com firebase.googleapis.com — Cisco Umbrella Rank: 3911 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 561	938 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	368 KB
4	cdnfonts.com fonts.cdnfonts.com — Cisco Umbrella Rank: 7749	93 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84	406 B
2	page.link 2 redirects sezzle.page.link	1 KB
1	sentry.io o215203.ingest.sentry.io — Cisco Umbrella Rank: 546220	324 B
1	impactcdn.com utt.impactcdn.com — Cisco Umbrella Rank: 3828	14 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 4631	12 KB
1	rokt.com apps.rokt.com — Cisco Umbrella Rank: 7585	19 KB
264	17

	Domain	Requested by
161	dashboard.sezzle.com	dashboard.sezzle.com
22	api.sezzle.com	dashboard.sezzle.com api.sezzle.com
9	www.gstatic.com	www.google.com www.gstatic.com
9	www.google.com	dashboard.sezzle.com www.gstatic.com www.google.com
7	static.zdassets.com	dashboard.sezzle.com static.zdassets.com
5	fonts.gstatic.com	www.google.com
5	sezzle.zendesk.com	static.zdassets.com
5	edge.fullstory.com	dashboard.sezzle.com edge.fullstory.com
5	ka-p.fontawesome.com	kit.fontawesome.com
4	analytics.google.com	www.googletagmanager.com
4	www.google-analytics.com	www.googletagmanager.com dashboard.sezzle.com
4	www.googletagmanager.com	dashboard.sezzle.com www.googletagmanager.com
4	fonts.cdnfonts.com	dashboard.sezzle.com fonts.cdnfonts.com
3	rs.fullstory.com	dashboard.sezzle.com
3	media.sezzle.com	dashboard.sezzle.com
2	firebaseinstallations.googleapis.com	dashboard.sezzle.com
2	stats.g.doubleclick.net	www.googletagmanager.com dashboard.sezzle.com
2	firebase.googleapis.com	dashboard.sezzle.com
2	kit.fontawesome.com	dashboard.sezzle.com kit.fontawesome.com
2	sezzle.page.link	2 redirects
1	geoip.sezzle.com	dashboard.sezzle.com
1	o215203.ingest.sentry.io	dashboard.sezzle.com
1	ekr.zdassets.com	static.zdassets.com
1	utt.impactcdn.com	dashboard.sezzle.com
1	websdk.appsflyer.com	dashboard.sezzle.com
1	apps.rokt.com	dashboard.sezzle.com
264	26

This site contains links to these domains. Also see Links.

Domain
legal.sezzle.com
sezzle.com

Subject Issuer	Validity	Valid
dashboard.sezzle.com Amazon RSA 2048 M03	`2023-08-24` - `2024-09-22`	a year	crt.sh
media.sezzle.com Amazon RSA 2048 M02	`2023-05-03` - `2024-05-31`	a year	crt.sh
cdnfonts.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
apps.rokt.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-14` - `2024-12-20`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
zdassets.com E1	`2024-03-03` - `2024-06-01`	3 months	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
utt.impactcdn.com GTS CA 1D4	`2024-02-28` - `2024-05-28`	3 months	crt.sh
api.sezzle.com R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-01-10` - `2024-04-09`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
sezzle.zendesk.com Cloudflare Inc ECC CA-3	`2023-05-30` - `2024-05-29`	a year	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-03-05` - `2024-06-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
geoip.sezzle.com R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://dashboard.sezzle.com/customer/orders
Frame ID: E2B10309C9DED429F2E460159C72A63F
Requests: 219 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js
Frame ID: ED12AB7CF3450878A109335E72681DEA
Requests: 9 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 0CED4CDB1809114DF46B9C8EBCE08690
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 5B7F700ABB9C8A8DFCA352A73280AE88
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 3510A6B5040FFCD77DFCA8B6153691F9
Requests: 1 HTTP requests in this frame

Frame: https://api.sezzle.com/v1/accertify/browser/beacon/bf/bf.html?v=202302_01
Frame ID: 6E29E0C40B774B57DF48EB713EE2ED4C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=en&type=image&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=invisible&badge=bottomleft&cb=htxoicci491w
Frame ID: FAB7E7F9EA09B4818F0B655EE62E206B
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf
Frame ID: 74E00560EA8B723ED7F13B095A7F62DD
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sezzle Dashboard: Welcome

Page URL History Show full URLs

http://sezzle.page.link/orders/ HTTP 301
https://sezzle.page.link/orders/ HTTP 302
https://dashboard.sezzle.com/customer/orders Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

264
Requests

100 %
HTTPS

65 %
IPv6

17
Domains

26
Subdomains

23
IPs

2
Countries

4417 kB
Transfer

10318 kB
Size

17
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://legal.sezzle.com/user/en-us/
Title: Sezzle User Agreement

Search URL Search Domain Scan URL

URL: https://legal.sezzle.com/privacy/en-us/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://sezzle.com/
Title: ©2024 Sezzle Inc.

Search URL Search Domain Scan URL

URL: https://sezzle.com/contact-us/shopper-support
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sezzle.page.link/orders/ HTTP 301
https://sezzle.page.link/orders/ HTTP 302
https://dashboard.sezzle.com/customer/orders Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

264 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request orders Show response
dashboard.sezzle.com/customer/
Redirect Chain

http://sezzle.page.link/orders/
https://sezzle.page.link/orders/
https://dashboard.sezzle.com/customer/orders

7 KB
5 KB

400ms
291ms

Document
text/html

2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

390e9c43bfed154fd39c9da5fcd4c47a52f15be64142a0d0210dde445c8f3b93

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=600,public
content-encoding: gzip
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 22:49:46 GMT
etag: W/"s9l2ex5a3"
last-modified: Wed, 28 Feb 2024 20:32:57 GMT
referrer-policy: strict-origin
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-id: xRVzW2f2WkaVVOPOvsZOOkAhjlb1Wxazfrqhq2WHC7fcji3YhTj3jA==
x-amz-cf-pop: IAD55-P1
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sezzleinc-test: test header
x-xss-protection: 1; mode=block;

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport script-src 'report-sample' 'nonce-RaaxUV3Sj5Jn-8twwhXGEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist
content-type: application/binary
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: same-site
date: Tue, 05 Mar 2024 22:49:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://dashboard.sezzle.com/customer/orders
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 sezzle-legacy-5.3.5.css
media.sezzle.com/style-guide/css/ 120 KB
22 KB 139ms
40ms Stylesheet
text/css 2600:9000:2479:3c00:1a:9a9d:1e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.sezzle.com/style-guide/css/sezzle-legacy-5.3.5.css
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2479:3c00:1a:9a9d:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a5f56f1a6e360e8f4041b82c5aba563b80e08042e8a7f449aaebfbbc8f71d1c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 10:43:04 GMT
content-encoding: gzip
via: 1.1 c8621b8fc24efa8fdb4d4763ad6a7e38.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P3
age: 43603
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 01 Aug 2023 15:07:41 GMT
server
etag: W/"eede49ea943b0bc51703fd902fcaec8a"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding
x-amz-cf-id: 2oUSUhkYpY2TVvGZx9_bBvjAmvKgL_WxycsiB7nQlOX978B-sAu58Q==

GET
H2 200 satoshi
fonts.cdnfonts.com/css/ 2 KB
742 B 134ms
39ms Stylesheet
text/css 2606:4700:e2::ac40:8416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/css/satoshi
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99bb5c2b64458a231a9f1ed8e2d289626be786067987bf1f19c8648437ab8e1f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8529228
cf-polished: origSize=1959
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 28 Nov 2023 05:35:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsXVTWkPTT1Yuy06VFhKUqKmsOAq8L5ixxOoxiwABNP6lcI2pmGJ2eefbXxliUwJlZWWkrSKZel31BYHncDsitsvJZI%2Bbz0%2BoJCrCbL4lhbQAhYf5bG7gg4PK9pB2EngQvm7e%2FB3V2E6h%2BwUHVbO1Vo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 85fda9404e144237-EWR

GET
H2 200 launcher.js Show response
apps.rokt.com/wsdk/integrations/ 77 KB
19 KB 213ms
69ms Script
application/javascript 2600:1402:8800::1728:cdd0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.rokt.com/wsdk/integrations/launcher.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1402:8800::1728:cdd0 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

69fef7bf67ead0c4c2df08be990ee582b4b0c2366efabc0418b2be2abc75bb4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
x-amz-request-id: 0KS7QJG2NQ2FQ4YN
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 18855
x-amz-id-2: zftzOs6bS9+5T4suvVNekS6jxFfI5yDqx/ogu6LGvoi4pr/0zmsulrVdhjrYsKwxEV013a/7A9o=
last-modified: Tue, 05 Mar 2024 01:02:54 GMT
server: AmazonS3
etag: "d282095455d54b6ddd5f00cc05448436"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1200, public
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 e6012efc1e.js Show response
kit.fontawesome.com/ 12 KB
5 KB 178ms
87ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/e6012efc1e.js
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8693741cfe6e78e99a90f48a8c804cef8c863f6b097e8f83edcf4dbdd865fd92

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 85fda9407e8d7288-EWR
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F7n6PhU_ns_sMrxb8Y4h

GET
H2 200 37ce4942e883c62e7aa1.js Show response
dashboard.sezzle.com/customer/ 10 KB
8 KB 62ms
45ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a3ab05ae8b6d4a894adbb2de586d14bd1519550b4e417e265f55d5e1a1985157

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 7Ats3PNbEpa13R0FHUnc7h_dj0389M31
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"2fb396c95ad8e094f4da5883fb695ac2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: utNqDNYAgsxscfysmW_cia7lDMfBHN0hVtAm6U1mAJMXjwqwv5p_gg==

GET
H2 200 1a256f2d971cdf513dde.js Show response
dashboard.sezzle.com/customer/ 121 KB
56 KB 60ms
45ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1a256f2d971cdf513dde.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

49287ad627da920abe10f8c32a67ce79e1412cdb2c28b71636bbe49c01269cda

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Yd1PyP_cJx8awNVR18UpMfifpqrlKY6G
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:28 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 345
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:45 GMT
etag: W/"ce951a0b55d48e8e50b8f44e2b3548b6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 2aK8_qhf9IQ2h1nsVJ3EdBKtJqnjO7Q4IdM7zIQsIrL8qOL0F10mGg==

GET
H2 200 5f2ac3972abfbd68e212.js Show response
dashboard.sezzle.com/customer/ 44 KB
16 KB 68ms
52ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5f2ac3972abfbd68e212.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c348e8887a521eab3e3bc0dcbc51d8715ca9958d2c4a8c4fea0f0092ea325ac7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: YJqrKgrLVirrJmu8bnrcuPij0IP2CjAd
content-encoding: gzip
date: Tue, 05 Mar 2024 22:48:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 175
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:50 GMT
etag: W/"851ab23630c047782f7829decc162c01"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: YdN1LtgmkDRTj85wrgiDCB8A1PradFrLGnbz9F0OTaru2GtVYg0elw==

GET
H2 200 43b66ae0e58e97f5166c.js Show response
dashboard.sezzle.com/customer/ 66 KB
22 KB 61ms
46ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/43b66ae0e58e97f5166c.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d0774ab0833d4ea356e13face67b9ef26cd3905df8c413dfe7a60dae7d11d27a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NpXUugOeOYuKVh778vRm0juJjAh_clvo
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:28 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 346
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:48 GMT
etag: W/"05e3c200baafd8f7ce776ff3d328d226"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: b2IYtPR4QUr_bVYXs6jCHVGNAiS7s-HFDyDzHHnRJFfD8zM1hSz3TA==

GET
H2 200 e14b8c01aac1fdb51cdb.js Show response
dashboard.sezzle.com/customer/ 37 KB
13 KB 61ms
47ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e14b8c01aac1fdb51cdb.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e09ab61c035948a8d070b553578b21fdb74e1c25b473d58cb08eb6e264d40383

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: skO9IuYr3rbb0yOygN_Snw8O3yQDOqHo
content-encoding: gzip
date: Tue, 05 Mar 2024 22:48:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 175
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"12729470db7f7d594a19697cb023e4f8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: XOYi9TpyPdrKxvhuS_27IpHp9GMiar4mHMQRZHGPwEPEpwR3jG9W_w==

GET
H2 200 80bae9c390090021a0f1.js Show response
dashboard.sezzle.com/customer/ 169 KB
55 KB 108ms
93ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/80bae9c390090021a0f1.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

522f4862985232d255f9d661c224d3a310edd3e83670b1029f8638da4d80476c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: CGrDT5tMQWXZmfCY4ywFwmgvWa8oaZWt
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:28 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 346
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:53 GMT
etag: W/"a29c68cfc03011d191c67a36a47e3c6c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Q5GJRZZBvVYlL6pbo-7QRU6u2RdDECQIa389nLoWXX_nMQx7Ca52Jg==

GET
H2 200 e02d3d5a53be08d3964e.js Show response
dashboard.sezzle.com/customer/ 30 KB
16 KB 62ms
48ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e02d3d5a53be08d3964e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5be2771ae885644411528cd0eff321fa2df56889ed0fb37cfeb71fc84ac2baa8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: tzxTHWl_WZUsaWE7TNHtG_mI.DPVqa0v
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"695895a7f31ff3beb7d8f1925bdb882a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 4Bc1_uc9RGupdRS5nTbvutuw6NtXsLb5hxmOYEfmByaI6ifG7GL5PQ==

GET
H2 200 be3a9a570e455b866bd5.js Show response
dashboard.sezzle.com/customer/ 13 KB
6 KB 61ms
47ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/be3a9a570e455b866bd5.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2200f3c67de233a0b257972a6223ea86343fb8426031e631859303a9895224d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: SlhLHmW2ZCmvXmYXaZc_VguCwpYA.5tf
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 712
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"e622c88365d8fa13ade95e934bf9738e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Mg3GsNzaVkSgfmI8BpH1B-0htzHa_2yWTVo9rblKWCjX_WrCAwcSkA==

GET
H2 200 c0bec519dabc8742bd4f.js Show response
dashboard.sezzle.com/customer/ 14 KB
8 KB 107ms
94ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/c0bec519dabc8742bd4f.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a7c453718fea99e535a377917aec9379f61328d3eff5abc0d25db573e849557c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: QCYGIxT9tX5Bqoh3jalQXqshVWNRA20j
content-encoding: gzip
date: Tue, 05 Mar 2024 22:49:32 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 14
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"ff4e9b15c2aebd913ef9967f8e5c58a3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: a2VFMf3ADXY-olFvRn6Xy2e2GdWI_7KZ0H2QS8vkahuAyv4ZPsJHbw==

GET
H2 200 269f6ffb02ae81790952.js Show response
dashboard.sezzle.com/customer/ 58 KB
20 KB 108ms
95ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/269f6ffb02ae81790952.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f4e05073510b39d06591481757c398473fa94eb47bd1ced0c3cbe6e149ff5475

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8njI8y0aeS85VYZnnaLge_QjxNSUeIgH
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 603
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:46 GMT
etag: W/"b896b0503f2af94aeef289aeeb816a23"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Kz9a-KhKkajd-dDDJIhLhlIplRJA4nrdEuLirZpFUjx8UIlOBThI6Q==

GET
H2 200 a161e2cc720d54eb9c15.js Show response
dashboard.sezzle.com/customer/ 12 KB
7 KB 182ms
169ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a161e2cc720d54eb9c15.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6b47c4528dcccce6b16e72adbcc0fb9c1eaf2ad30d2e5c65f4dcaad6377b04a7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: atbTqKc6CaUaGSNhFxYfJlmVvD5gpVfX
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"0b1ea5c6dd19367cef04446a81274a15"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: vPnG-iATL85nf34-Psl5jQetdH9dJ8ppVHoG7qYtxT2ILQm4fik24w==

GET
H2 200 1f21e1d5495b0d2fbb0d.js Show response
dashboard.sezzle.com/customer/ 49 KB
23 KB 160ms
146ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1f21e1d5495b0d2fbb0d.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

30c0009c5fddde62a1312b7ebf91622755c72e55889b58e83a60c6efe120cba3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: _Olq_FJVo2.m0ayWYbpH9OpitmW6VeUd
content-encoding: gzip
date: Tue, 05 Mar 2024 22:47:05 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 176
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:45 GMT
etag: W/"e1ad74a558591ec6da2f48ebaec8619c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: P6aNocMJure9YLsI8nbfwCei4jqyI7m09-rH8VwUnVrHsexYt8EmzQ==

GET
H2 200 dba21c409767f4c222d0.js Show response
dashboard.sezzle.com/customer/ 15 KB
9 KB 164ms
151ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dba21c409767f4c222d0.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ec02ac96296c32840cd7a4359fc49197d31a7a847c05abd3ac60dd4b23cc3834

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: PUd53P9Nr5E2crl5sHjycWeatPxBjYTT
content-encoding: gzip
date: Tue, 05 Mar 2024 22:49:32 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 14
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"71a283f0bd09929420eb42c943d2aee0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 1Koa927AMxgKWQfTivGrn_CcmOTzsH1Kpfs9v7en0DZMvC9rDEHy7g==

GET
H2 200 d34ed654a54c7f7c2879.js Show response
dashboard.sezzle.com/customer/ 45 KB
20 KB 161ms
149ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d34ed654a54c7f7c2879.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

70cf755a9663f67a8407b0f8ed1d1d6de28e9f5f50a395e451a9e4a5497a7e71

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Rs9iE4KW9cOW_h9RTpbEN50Yd7xhwhjk
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:29 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 346
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"372139d2b2cf8f6907452a839ce3ce7d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: O0LjDangtzjCT8-nVgT6zpjgw14-xR4SpiqsE5eW8cvIs4WsGPAxKw==

GET
H2 200 cf61b0190262999540fc.js Show response
dashboard.sezzle.com/customer/ 32 KB
15 KB 160ms
148ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/cf61b0190262999540fc.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b017f2e22c74ff6408933a62a1e454cc24563cc931c09fc1c261418fc3a82fae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: wW1i1iwLWjiSYb4qCaegcIObeoammVkB
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:28 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 346
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"3ef2bebf8f0a6c92cf04e08f9be94d7c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 11ZBxk6F0tRtllX2OQXVphhVWOFdnPIS5zleVAISHTbdbHeg9ITopg==

GET
H2 200 294199fb500e225f76d1.js Show response
dashboard.sezzle.com/customer/ 26 KB
13 KB 159ms
147ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/294199fb500e225f76d1.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

aa1a6951dc4df4b6dea414a5b29566a4e12a49c75c41d82884c622d4a0f08ce1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Ecrbt2ZhfxM0uZV0g97PH3bEYPTNJ9ao
content-encoding: gzip
date: Tue, 05 Mar 2024 22:47:05 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 175
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:46 GMT
etag: W/"c30a3cad191b1adab2709c5df908b663"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: wqXWpIvmj499Hs30WDZBWoU-yBiJmbQ0jz4NNaEARDM3Ux3yhvgOww==

GET
H2 200 ba48324d348fdfd3de19.js Show response
dashboard.sezzle.com/customer/ 2 KB
3 KB 178ms
167ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ba48324d348fdfd3de19.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3c6741fe10b253685afecc25951dd7f312f188770982f10901e3a4489212a639

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: AbL92JvFgw6YXebEXWiQXJ0FwS6zAZH0
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"8246c443fd9c0ef91e582d500b6a2073"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 7Tn5JV0vi7TYCp_eIHK0sJLDZCqa6CtlIg_RjEIRd66cfuPOBr4dpQ==

GET
H2 200 20b8c23fb6af2dd22732.js Show response
dashboard.sezzle.com/customer/ 39 KB
16 KB 161ms
150ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e8832ef92b7c679b99ad1695c612794844de77eee72b110d0ead766e3f47c043

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: jmtSc3ffDE8mlyZca.efCNz_8mnyeC1S
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:45 GMT
etag: W/"d3457e3bb1fbbee2ae7c7fb50e75a2f2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: dhPSALeAqqUoB6Uh0WyGKXKshly31yh_N9Lw1urBr0oD-pNoSqebdA==

GET
H2 200 16c09ace82ff2dfc6fec.js Show response
dashboard.sezzle.com/customer/ 54 KB
21 KB 160ms
150ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/16c09ace82ff2dfc6fec.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

10ce24690b94192c854b02d32a9e4bf4a35cc0e00ca13d93837dff6a583ea6b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: dSpdBiiiQxvHPKcyIRJg1sTCEArwqml.
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 712
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:44 GMT
etag: W/"9b95e5a5bdc30a0d8170ec5d7a544ba4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: EcgdMBe9SkaUTAR03NRX08e9pn7C4GrTOAf8FeYx2c09KM8TQFDtnw==

GET
H2 200 39cfd9d68f2c9f4567f8.js Show response
dashboard.sezzle.com/customer/ 56 KB
23 KB 162ms
152ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/39cfd9d68f2c9f4567f8.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e7d3d6094a85458cd7c2b83f4b41677cadfe0283b9a2551ea5da7ecb449688f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 43kDaC36swPoGFG1Bq9ohzBbcjAIS9DT
content-encoding: gzip
date: Tue, 05 Mar 2024 22:47:44 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 176
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"5eb33a0c23ca4bd605c4c20245873d60"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: mmcpmAgQnBuZdXHT6KVfeuMHSA9ICnWHHWRDXYgIcTTU5Rf5Xw-shQ==

GET
H2 200 71b702d49c2543430041.js Show response
dashboard.sezzle.com/customer/ 95 KB
35 KB 165ms
155ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/71b702d49c2543430041.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b04eaaa229821580ca4cc2e060618662115df97cb30f3304fbd5df9fda4d132b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 5qNlpvcnHe.Rvz7sSTpknXEVYTXb1CF0
content-encoding: gzip
date: Tue, 05 Mar 2024 22:47:06 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 175
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:52 GMT
etag: W/"722d15a0ce497fdd562a3e13734b1204"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: QUsZ4JIh0aJIWR2Nxd90SSaIyNNZG1JBl0X-1d0sMppblxNzwPnfYg==

GET
H2 200 5996d3e883a29e8c4b40.js Show response
dashboard.sezzle.com/customer/ 54 KB
22 KB 168ms
158ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5996d3e883a29e8c4b40.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

21db081eb7ac1b20e84ea055a3098a8e6c31cb6b6289b904f9bf097fe4519326

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: cbacPRf5EQU8gL1MzsDeirBtryLe7Gi.
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:50 GMT
etag: W/"1168ace9b755fdaa31bee8fa950c8422"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: dU0QXbFmeOw48lS5jaF-PSlZjb029KeIpQTgsKR70REJoNdzsyz9_A==

GET
H2 200 7de6f906968d01481560.js Show response
dashboard.sezzle.com/customer/ 36 KB
14 KB 168ms
159ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7de6f906968d01481560.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

712a5571b1b8edc58a10b34458498bff2e659c2f8308eaa58a14762a075d96a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: BinHPoZ6KRq2I_6X3kmirW1j4gbfMICp
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:53 GMT
etag: W/"5cebdcfb449473308d6f20cd34547d2e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: LMk8diRgNh_EiEmLpWk0NlE5Xp2daxTT917h6FFbpMansGX27O6wMA==

GET
H2 200 61579f7936eb81e43928.js Show response
dashboard.sezzle.com/customer/ 16 KB
9 KB 171ms
162ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/61579f7936eb81e43928.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8263c8b639e7c85ac4ea3ae79c66121998435e6e49bf2c49c3f4afa836d2f192

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NkFIxVj_0LbUZ5LbtEaj52sRflj0Sy9V
content-encoding: gzip
date: Tue, 05 Mar 2024 22:47:06 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 176
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:51 GMT
etag: W/"2263b54c2a6f363537fc3062ae60d537"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: bK15M0XjgetzAz9os2_d2Kgpe3FFNbR06IG3nUB0hF7ZEBRnI1mf5Q==

GET
H2 200 d179d030bcec3ad1bc79.js Show response
dashboard.sezzle.com/customer/ 42 KB
16 KB 171ms
163ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d179d030bcec3ad1bc79.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1c4208a296b92abe95b24fd6e2c668374088d990f3d14e2d13e09f3b63aadc82

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 65V6NFRHtmqNKNCHaRGfeTFujxsBP_Pn
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"38d0002465c17efa1cd33cd87389c560"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: NINtc2GLyfmcQN0B_XwFFzRLDc8lNhV1-FINaCNIU_MLJbQ7t85V9Q==

GET
H2 200 84508b0119db4b8d89d8.js Show response
dashboard.sezzle.com/customer/ 16 KB
8 KB 161ms
153ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/84508b0119db4b8d89d8.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1cd32fb1f680b7247e502ea79611b4a675e34a64d1ee455f24fd89d8c3e286ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: RPy6zaUmprB412gnjS_10FZQy0pC8Ems
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:29 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 317
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"4ad5d7ff4221ec1e4ca63535a6b2861e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: AvbGLIaXLIDW9MBLaH7sLnlMmRb4VdyGJH_3gBXnQ0rEDWhxIC7jlQ==

GET
H2 200 bc6c40607186b8123b82.js Show response
dashboard.sezzle.com/customer/ 41 KB
18 KB 161ms
154ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/bc6c40607186b8123b82.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c39058bfaa5ffdf7f9a21f544743bfcb96baccd342f92ebe7664b6e9f505f84b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: _0TnO3RTLi50ISORq7dP4qgAZXc89S4F
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"e9df12476a87375f0aee34c45d92b89e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: RMmsPfQtlHIJL9pB7OUC4WWoUhirpInDcsmg7Dm86hYyVVjya4Sypg==

GET
H2 200 aba9eafb2237225c0091.js Show response
dashboard.sezzle.com/customer/ 21 KB
10 KB 167ms
159ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/aba9eafb2237225c0091.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

80c822353f44990f2c89c8e88754abaef869bfef375afbf92a9ec209887a1418

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: ZOCUyibRBS22fO6emuL.KNIByCVMRo7y
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 603
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"69e7e26cd161eaa61d2cbf7533fb3795"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: jRp-T6__5wRTsaCl68JGE8oxghWnSRXPqCNsIrbgKGF7FxT2wa9yLg==

GET
H2 200 328af461014385e1d630.js Show response
dashboard.sezzle.com/customer/ 116 KB
47 KB 172ms
164ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/328af461014385e1d630.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ead5b9fd461259ad8feecfa206da49d19745aa2a5851c47196e5f1baa7c1a1e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: _MXRjKoFV3q9eSLnMjMYsxm5MuEOYKT_
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"3e82368cce7f44c2deb21dae9eca8110"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: nKHEAk-l5rLb-BaOhlC_AsKTATGsG7jmP1Y6ZymzP5HH9zWLvJn-wg==

GET
H2 200 f49abfd21510e98e3b38.js Show response
dashboard.sezzle.com/customer/ 12 KB
7 KB 173ms
166ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/f49abfd21510e98e3b38.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

943481c948de51e84c1712ce886e09055eceb6507c2ec8232bae851f13347061

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: oRIAkTSD8lLGVXulORqSEXqCdu3g7_Wr
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 603
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:59 GMT
etag: W/"730b1a2493c00d17667ea85a514e2c30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: V2YzWM4iWNF6RnCDayk34zDTUn_nWLnJzjobZPFubkSW3_GxFykh1Q==

GET
H2 200 4194987c16fe56cf15b0.js Show response
dashboard.sezzle.com/customer/ 32 KB
17 KB 149ms
142ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d6f63bec05ca61b82d4a5214252768ace6f439cfedff92d6709167fad01a49d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: JU6Cj8ghwVK0Z2pI7TN0ivkFSPmALb3X
content-encoding: gzip
date: Tue, 05 Mar 2024 22:47:07 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 175
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:48 GMT
etag: W/"0bd91b5148ec59c9333e41278a4e9d2a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: tOEsktG36dwmXMLrDn14Nu-etQ1ipNXMWmHn3l06cpUKrOLxJWJFTg==

GET
H2 200 0c0b11036ab99da64633.js Show response
dashboard.sezzle.com/customer/ 18 KB
9 KB 161ms
154ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

59384dd8611f360e5171a55c292a0366aee82216b97b69926b53c0d363d6f4e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8kpUisd.QzBsXeIg9RMnq93tSJzb4rrr
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"47fa2fb58d7588410598540acbcacb55"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 41AHYMtoXJApNJi7Dcjud2hFtApBFvLe2W88qLPGwjhWLlq3Vm4OxQ==

GET
H2 200 3964e75922de7d163aa6.js Show response
dashboard.sezzle.com/customer/ 51 KB
22 KB 166ms
160ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3964e75922de7d163aa6.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

323289ac51092c7452652cac984addad19c087599ddad6047680cc450737bf7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 0v_5beta03TsEZMG9Ta7G6o_W6QvlAtA
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"1d1e68a5d66ada9f8becb9866ed46447"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 5MGJQ6r-fvj35hTo1D59vnmR6HuU2_DIQ-4GUOwYwrzxgRpJZyd3eA==

GET
H2 200 6764fe5af3546fce4b6d.js Show response
dashboard.sezzle.com/customer/ 75 KB
31 KB 167ms
161ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6764fe5af3546fce4b6d.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

513e2e658ba33541f5efd67ff78f097c3b657accbe74128ae8723cd5f9ca139e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 0o9TGy19DuJ3Y9CRPCN8fvA251PHdALI
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 603
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:51 GMT
etag: W/"6ebcc518518edc21122366a6670813ed"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: uYvQWlItyA7mOwgLrwWsOumn1CyMMPX2ehMF2Qz7rKOocCxEt2N8ew==

GET
H2 200 3462078edaa459035f59.js Show response
dashboard.sezzle.com/customer/ 139 KB
45 KB 172ms
166ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3462078edaa459035f59.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b67c43dec3a99d3df3014b752c42a7902451392ef9926add891e50e6332c1e24

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 6nw8WlWwel5RvFX2CZu1h_kvPawifZk2
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:29 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 317
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"11552ee69cc05216f8c9e6e3c4af9fd1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ryPJM9rvOPIEzNBFhk1ysAhOJuwWMDqYP0Rw2foOLrWvaAiT0Ac_Ag==

GET
H2 200 0e9757d9ff6b94c34dde.js Show response
dashboard.sezzle.com/customer/ 34 KB
17 KB 215ms
209ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0e9757d9ff6b94c34dde.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ebdd1fff11eb822d2c2a11ebdd646b5d4fbcc7c0b420380c9e252cffd8936772

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: GbMsF8xpHvjfC10p9ZBlZE8M4vdodpFt
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:29 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 345
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"006fd4bb37401463eef8eacf9d8c0776"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: UNsgIDDI6jF3KgqCTeBku8KaSj9Ah0NjiPakM3mmiXu_MksbbpAY-A==

GET
H2 200 e6a9154d373e57975b80.js Show response
dashboard.sezzle.com/customer/ 124 KB
35 KB 169ms
164ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e6a9154d373e57975b80.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

21659c4eb8d562932783c9df9d9f84c463374874b3c4337dfa8da2f26a52d0e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: nq7LFrNQUGXJvzTbeEUDXzcAnj2sam3m
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:59 GMT
etag: W/"f150d826714ea4730a7765319708b45b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: O8ZCuJ9y8ohmMnX_6q_nVo7toDrUlkBjbjt32FS7Z6kaSSMRbizBjg==

GET
H2 200 822f616256e8d4f786ae.js Show response
dashboard.sezzle.com/customer/ 219 KB
61 KB 196ms
190ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/822f616256e8d4f786ae.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

40119ccc2391549e35936f246cb1d00aa80af10b043d8921707aa4b8f8794593

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: .n34wSNMbslHs2lGPsz25wRB0Eg2gtwb
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:01 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 603
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"87acb017535b42018ff641bf20f44adc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 79xdN8XS-i940gK_tUggWZICEP96_pwqBCbR78Q1KzhTa4gChMd5fA==

GET
H2 200 3166a49e08d388802b5e.js Show response
dashboard.sezzle.com/customer/ 12 KB
7 KB 170ms
165ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3166a49e08d388802b5e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

673f89dc34eceb6222ee6e1bbc98234b8f4c732b2e9b9b53c9997604f53c818f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: qwaUdRxB6iEuh0egRpy1movJkOGCPFtH
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:29 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 323
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:46 GMT
etag: W/"451635eba560a4f045ac3961ed1d5d8f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: UdCCTo0gcKbbMfwI87b28Awz-A1vrbAe1LA4Vi1VYAK40zLwNAI--w==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 101ms
38ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ATPJN2BBRNAVEP8C
age: 3
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: yZSnXp5joC1jEUcdstI6JJxXe+57NDQVrgC8bP2Gtlxd0OKsnfmbb0FPfdOCVjDBGs07rFDX82g=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAVHyKL5JA6pnrTeWXvQ4I7t1%2FphBIy6eS0Rdm3ZzepfC9X1YDlxSwmbEYY%2BF%2BSV8OShcmPi35GabE4LejtIdfS096imxTjcgZNnf6gISqXbjKCiGP4VqiNa5hdY6ZbN26z5sYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 85fda9405827a223-YYZ
access-control-allow-headers: *

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 189ms
69ms Script
application/javascript 2600:1402:8800::1728:cddb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1402:8800::1728:cddb Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 22:49:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jun 2023 06:58:45 GMT
Server: AmazonS3
x-amz-request-id: A5S9J95TEM4Q8PYR
ETag: "5a676288bcea03bd05e483bc4ce066ae"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2576
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11792
x-amz-id-2: 5tyrECTAyBq8IPGPrKBTwlClEW/AOYcwaBwvufuczevCEcagZYBMMc8uxfcD2LkIxFUEmgjlQ6U=
Expires: Tue, 05 Mar 2024 23:32:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 316 KB
101 KB 137ms
61ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2676e3d4d3c4185137b0784f43286287d08a1df3b754637471cdb3cc6559ba0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102589
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Mar 2024 22:49:46 GMT

GET
H2 200 A4960984-1d8a-4877-8732-da02a6e830751.js Show response
utt.impactcdn.com/ 33 KB
14 KB 100ms
30ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://utt.impactcdn.com/A4960984-1d8a-4877-8732-da02a6e830751.js
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 17bc25971fe2456cb6aac9a74191383b037ec64f700d1b48e8db5f3419bce615

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:08 GMT
content-encoding: gzip
age: 38
x-guploader-uploadid: ABPtcPoyFQBN21irPVxgJmjUTsuuDbypZjU1lwaZzpv7cnM84fHvCPKy0-iM680od12rleJXlfLANqFrzQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13572
last-modified: Thu, 29 Feb 2024 22:40:42 GMT
server: UploadServer
etag: "4a348ce75121a8e6aebfe2e002da9d08"
vary: Accept-Encoding
x-goog-generation: 1709246442676682
x-goog-hash: crc32c=68nVtA==, md5=SjSM51EhqOauv+LgAtqdCA==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13572
accept-ranges: bytes
expires: Tue, 05 Mar 2024 22:54:08 GMT

GET
H2 200 f5e28690-e3b9-4eab-8d64-51d4051e7e96 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 125ms
48ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/f5e28690-e3b9-4eab-8d64-51d4051e7e96

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42059c83cda49bdd4a9f75a40de405486d3c6189a75ec735079082e581736d03

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 56
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 85b44d2258f34414-SEA, 85b44d2258f34414-SEA
x-runtime: 0.014007
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"42059c83cda49bdd4a9f75a40de40548"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gl%2BXe%2F6FGLNy3199zIwObvOBeNJSAenZYc%2FJAjJfNfUFu0QvlUROxORnSfESQbHz6TKDgNAjB8j7AXumlhGzE8ds8WJBEWfLdJZ2QcDIe%2BJIuihtlH9%2BRsPQ%2BjpAqoGcCaA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 85fda941298636cb-YYZ

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 669 KB
117 KB 70ms
54ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro.min.css?token=e6012efc1e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6012efc1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 8297891
etag: "6568c5a0-1d52d"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85fda9412f487288-EWR
content-length: 120109

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 27 KB
4 KB 69ms
54ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-shims.min.css?token=e6012efc1e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6012efc1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b3cf99ce39e5fc49169454f5639b5341dba747f16e3d01a5b9ebf50792e9a1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
age: 4564403
etag: "6568c59f-10e7"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85fda9412f477288-EWR
content-length: 4327

GET
H2 200 pro-v5-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 50 KB
7 KB 67ms
52ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v5-font-face.min.css?token=e6012efc1e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6012efc1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
age: 8297891
etag: "6568c5a0-1c12"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85fda9412f467288-EWR
content-length: 7186

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v6.5.1/css/ 7 KB
2 KB 68ms
53ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/css/pro-v4-font-face.min.css?token=e6012efc1e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6012efc1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58f2ed3e8753b14d9456de59f7a58f5089c81d1ce6691d80bbd4e58f145ffd2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
age: 8297891
etag: "6568c59f-6c5"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85fda9412f497288-EWR
content-length: 1733

GET
H2 200 kit-upload.css Show response
kit.fontawesome.com/e6012efc1e/81665541/ 0
142 B 55ms
48ms Fetch
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/e6012efc1e/81665541/kit-upload.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e6012efc1e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
cf-cache-status: HIT
age: 227265
content-length: 0
x-request-id: F7kxSKHAjNbr-litZ_qB
server: cloudflare
etag: 54af53b207eef226d6511e0a88e3038e
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
accept-ranges: bytes
cf-ray: 85fda9411f347288-EWR
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

OPTIONS
H2 204 create-session
api.sezzle.com/v1/event/ Frame 0
0 307ms
97ms Preflight 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-session

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client,x-sezzleinc-trk-id
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Content-Type,Access-Control-Allow-Credentials,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,*
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Tue, 05 Mar 2024 22:49:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

PUT
H2 204 create-session Show response
api.sezzle.com/v1/event/ 0
796 B 439ms
112ms XHR
text/plain 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-session

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/269f6ffb02ae81790952.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
X-SezzleInc-Trk-ID: 66971d9b-6884-45a9-98c9-f089ce52d1a3
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 22:49:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 252 KB
69 KB 127ms
41ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:00:51 GMT
content-encoding: br
age: 2935
x-guploader-uploadid: ABPtcPqccXZ5ev2vgQPgoyHuWU3jCPUi4bE1LRW_iJ5E1oRcSrGzOopgumEG2zaC-j2gm6rEMFbG76RH1Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70374
last-modified: Thu, 22 Feb 2024 14:57:06 GMT
server: UploadServer
etag: "f14fadd940a61b9217c00dafdcacd622"
vary: Accept-Encoding
x-goog-generation: 1708613826115878
x-goog-hash: crc32c=RzMU9Q==, md5=8U+t2UCmG5IXwA2v3KzWIg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70374
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 05 Mar 2024 23:00:51 GMT

HEAD
H2 204 version Show response
api.sezzle.com/v3/metrics/ 0
898 B 231ms
100ms XHR
text/plain 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v3/metrics/version?app=sezzle-customer-dashboard&version=e71e2d4a497b773708f6911c38dca6cf9dd6c246

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/e6a9154d373e57975b80.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

POST
H2 200 / Show response
o215203.ingest.sentry.io/api/1367589/envelope/ 2 B
324 B 692ms
57ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o215203.ingest.sentry.io/api/1367589/envelope/?sentry_key=e246447fd006401c9579df5fec058052&sentry_version=7&sentry_client=sentry.javascript.react%2F7.48.0

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/orders

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 22:49:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 b00093d2fa1313225ae0.chunk.js
dashboard.sezzle.com/customer/ 0
3 KB 36ms
35ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b00093d2fa1313225ae0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: x5TDTLUCr2cqIXvEqFFzBoBANPWT83Cz
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:36 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 310
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"c5f6fbaa69aefab9a350b4c5aa16a77f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 3s9nstdFRjHq0sVMVYEP4tlm0HuNY6zIAe1xO18Tib9qopSA3VcSWw==

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/ 345 B
424 B 62ms
60ms Fetch
application/json 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/webConfig

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58db900dd31e630f1cd80ff2bb7a0e31d93f6befe06f2d8c715078fafc316bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://dashboard.sezzle.com/
x-goog-api-key: AIzaSyAvS0AT-uFIXu8Wr3uYOZJNlKBL_Yb81N0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/ Frame 0
0 140ms
54ms Preflight
text/html 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 05 Mar 2024 22:49:46 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 af72798dd6b803099f04.chunk.js Show response
dashboard.sezzle.com/customer/ 212 KB
57 KB 38ms
37ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/af72798dd6b803099f04.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3cf234b43fbf4004be8de7f21bf3ef6805c6098e26b6b7df7b032b215a15686f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: H9QPCHRja8lI31HgVhezpLLp2xSgqO_9
content-encoding: gzip
date: Tue, 05 Mar 2024 22:47:11 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 175
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"409713a8ad7ef01c9e29da1276efbd95"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: OgcUZFHVpYQOQQUzLTuh5pOf4LETwmt8Oa_ygkZdNwI2TMx3K_6bIQ==

GET
H2 200 web-widget-main-4793dd1.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame ED12 435 KB
138 KB 51ms
50ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09a5e4486967e411d4a219438a2730710c4e5246ea881d4d752236702b04bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
x-amz-version-id: jcnj1kjcj8PaYD1ke2zbYExznh.Bn8v.
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PG8G0SEN4Y8AGA93
age: 522946
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: XXh/46OSh+jULrbHqnMTsxa30OK592yDtdQ23XZ3sks7tN2/eWE6NkAf2A96A3z7pH1kmUrs9OA=
last-modified: Fri, 23 Feb 2024 00:32:27 GMT
server: cloudflare
etag: W/"280d3830e83c392fd0deeea5952d4970"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygMmWXgEUvFvDnPjHeQe6PiXf4DbmFf3I51pLceBmJaI9YndL4dsU6OtrbNscl1rYV5C7h9AVzRcXszynYfl3lskUEMQ7pXSnuh3UDOksFneflWXXZfZPaGNowu3hXhmkbvUGmY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 85fda9432ca4a223-YYZ
access-control-allow-headers: *
expires: Sat, 22 Feb 2025 00:32:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
94 KB 61ms
61ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38fb2eb4b1e3af97bebaa2006627fa969524b1d9fe4f903e46f9d925140d17b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95673
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 22:49:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
94 KB 88ms
88ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c33fae3db9d2b88a96b0d5a0fe1507b294e7dd130c2119ad9ade24ea7fabb98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95689
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 22:49:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 121ms
39ms Script
text/javascript 2607:f8b0:4004:c17::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 21:01:33 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6493
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Mar 2024 23:01:33 GMT

GET
H2 200 Satoshi-Regular.woff
fonts.cdnfonts.com/s/85546/ 30 KB
31 KB 429ms
41ms Font
font/woff 2606:4700:e2::ac40:8416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/85546/Satoshi-Regular.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/satoshi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1336bbfa75986307337a296928312163d7532f985f0ea50b80da0df0fb143be1

Request headers

Referer: https://fonts.cdnfonts.com/css/satoshi
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9736205
alt-svc: h3=":443"; ma=86400
content-length: 30876
last-modified: Thu, 21 Jul 2022 09:05:41 GMT
server: cloudflare
etag: "789c-5e44d05a18ca4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fl0qyk1so1mFD9oitd6blv8%2FboEkm7ilzv5G5N2hAjg%2FB11UiRQIpTV%2FC8T6MHKyj4%2F5BgiCHBcYNHP7ULw1kQGdwvvPEzklLtBZkMChWF8BLtyQGPuspgs%2BNs6tO5%2BDMEmrkDq2B7KGqncqLSm44lQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85fda9468ca543bf-EWR

GET
H2 200 en-us-json-4793dd1.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame ED12 18 KB
4 KB 227ms
225ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-4793dd1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e4de7dae6b934307dd05a7c6f00b6c2403f421a17a60d15a75bb53f3653ce8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
x-amz-version-id: 3VQfA4qSBCBhhmnYiBbVeOG5srY1LlDx
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PG8GQ5V98GH91HCA
age: 536308
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: /4DcIzMQKrCxUd10y/sZTuH1JAON8OyMKxnUAmsO751Z6X2KmTk9End31Gb5qWsL0d2E9+TkIcI=
last-modified: Fri, 23 Feb 2024 00:32:29 GMT
server: cloudflare
etag: W/"3803146b29f5b93bbbdb9c51ef603316"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwSy8L50YXBqT0e%2Fxvtamw%2FE%2B0kUzCKQiCjE5ZBBdOuG0Qed6WUacQwZbEO%2BjtywBGPOZ39i1FSZJ2ANpqctp744UXzOofLcrePq1ACBlRlct9NEbTa0YljKwJHDqXZBQAeXtGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 85fda944aeeaa223-YYZ
access-control-allow-headers: *
expires: Sat, 22 Feb 2025 00:32:28 GMT

GET
H2 200 web-widget-4852-4793dd1.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame ED12 139 KB
47 KB 228ms
227ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4793dd1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:47 GMT
x-amz-version-id: aQiQjumAcU6hhLiwTD.s7Ap8M.NwGc8a
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PG8VH2Z4H04JCZHK
age: 536308
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: xZo+7AA6vawEj36E7esCOSj/3Ul+5LbEM4vcQ951SZwYV9RUJkYx/8hvcz20c3JsNYmbAmQJxJE=
last-modified: Fri, 23 Feb 2024 00:32:27 GMT
server: cloudflare
etag: W/"ea51d3eb674c1f286144bbe26ba05c86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bP5zoDlN4zKE95GCW%2BJZ7TQjYvb3I5w4ba%2BlTYM4RhxCCZdPszbn3ns81tehBIS1qPcsKMWSk8jRrDWEJTA0gkiIDZCgwZ65gRfbdQAt%2B3VJHT6NxZesu7cFTwRWJVo0scMISPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 85fda944aeeba223-YYZ
access-control-allow-headers: *
expires: Sat, 22 Feb 2025 00:32:26 GMT

GET
H2 200 web-widget-1327-4793dd1.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame ED12 18 KB
6 KB 224ms
222ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-1327-4793dd1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
x-amz-version-id: rNdj49g0SrdbSjbLcgTYmFN5MiTjWsEB
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 6XP1GVDDA98PJEVX
age: 527410
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Qo2fVl1OZPsTZ+4IFuPA4Nc+SP8qeqh9aqRgjnIxP60oNCqY/6LjOpviLXjSFhwUNxhkjtTVrWg=
last-modified: Fri, 23 Feb 2024 00:32:27 GMT
server: cloudflare
etag: W/"bd26f2d30e94f25a4a0b875c335aca6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WrvEAAapVk4O8osQOoEjvgo4wisS4ZLgUkuFRKeE9%2BcmQII38DDKUHHUPvOpsGT3K6yTyLsOh6TtSrjZ1kjb60uHAizvbT0n4oA6VLvBkG1RT2XmOi%2Fp4leE6Bn9kp90fYy0HE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 85fda944aeeda223-YYZ
access-control-allow-headers: *
expires: Sat, 22 Feb 2025 00:32:26 GMT

GET
H2 200 web-widget-5178-4793dd1.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame ED12 24 KB
7 KB 227ms
226ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-4793dd1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c0d0133f0c4de69506db43902173fb3e04ca467c2e4f03453247a544fe7c122

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:47 GMT
x-amz-version-id: 2DBAxMX42P71DKqyPTgYVK1ZnjlCKoxU
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PG8GQN515HPTABC5
age: 527411
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: NIL+JyxEfqX7zdBrWWBkf1rOdLS1xTTWoLt4KDhCXTH+Unji1QWKsgLY0yOqWbTqUZvVdY7Td50=
last-modified: Fri, 23 Feb 2024 00:32:27 GMT
server: cloudflare
etag: W/"4155d9334495aef51624739a922987ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmDJ0AvQiZTp3XPGt1%2BmkX85odttW85nWLbhloJ%2B8LecXIEf1uG80Ho2BChFNKbJ9UW748G3C4ZW7x5fbttXSiJew5I9eRL0BpKNf1fKRjXfk6qtWipdWzdoGtRiaxFu9Qy1cpM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 85fda944aeeea223-YYZ
access-control-allow-headers: *
expires: Sat, 22 Feb 2025 00:32:26 GMT

GET
H2 200 web-widget-9535-4793dd1.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame ED12 15 KB
6 KB 224ms
224ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-4793dd1.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aeee8d7b8f59a4332c9d10016b6d08ce58270a1ba6e5e3964e4a67ef44659a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:46 GMT
x-amz-version-id: JS.LbEGO9IJSXIRabslfuJ8O6PsLLOWB
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PG8JP3EXDJME00S9
age: 527411
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: fWdzKwmWHHhSUMMmroSd4O8oNVlvL/DxUyFCKjOqYjuzDxHfvgBSJ6Dm2kGAaLaxKhu6rUSAriw=
last-modified: Fri, 23 Feb 2024 00:32:27 GMT
server: cloudflare
etag: W/"dac47767d3defab30fc014d56fbe8017"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQ6ycnPClGKh7NcXr1A4KIgSmTsoImzOzI9uz0MX3cZmshbFLDNXOIBtKJpfAJ2ZMfrXeJtBFyir1eZAJHMMb11UaLzykornK8HrOZCyrhfkOUaE4SaTfg%2BWDQ%2FsbDvT4CNWweI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 85fda944aeefa223-YYZ
access-control-allow-headers: *
expires: Sat, 22 Feb 2025 00:32:26 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/13FHV/v1/ 9 KB
2 KB 43ms
42ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/13FHV/v1/web
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 431608b43b600be8cdc9f2358ef2103cb54ca703ad85e2202fe8e8212b26be8a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:43:14 GMT
content-encoding: gzip
age: 393
x-guploader-uploadid: ABPtcPoly3zjZv5Q9i2BRVkDHO-hu0uCfXIGvGe1G6eZ7vzTJi0Fq_ueVsxzi3YOWaq3St395o1dscLVpg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1951
last-modified: Tue, 05 Mar 2024 22:39:10 GMT
server: UploadServer
etag: "cf06ad43dcc3dcfc0947eb8c69eb6c10"
x-goog-generation: 1709678349959180
x-goog-hash: crc32c=sS7WmA==, md5=zwatQ9zD3PwJR+uMaetsEA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1951
accept-ranges: bytes
content-type: application/json
expires: Tue, 05 Mar 2024 22:58:14 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
257 B 118ms
43ms Ping
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=45je42t1v886187776z8810595113za200&_p=1709678986205&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=235725959.1709678987&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1709678987&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Forders&dt=Sezzle%20Customer%20Dashboard&en=page_view&_fv=1&_nsi=1&_ss=1&ep.cookieDomain=auto&tfd=1969
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 22:49:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 119ms
44ms Ping
text/plain 2607:f8b0:4004:c19::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1MJLY6RLKW&cid=235725959.1709678987&gtm=45je42t1v886187776z8810595113za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 22:49:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 89ms
43ms Ping
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=45je42t1v886187776z8810595113za200&_p=1709678986205&gcd=13l3l3l3l1&npa=0&dma=0&cid=235725959.1709678987&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=2&sid=1709678987&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Forders&dt=Sezzle%20Customer%20Dashboard&en=Clicks&ep.cookieDomain=auto&_et=5&tfd=2000
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 22:49:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 77ms
44ms Ping
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=45je42t1v886187776za200&_p=1709678986205&gcd=13l3l3l3l1&npa=0&dma=0&cid=235725959.1709678987&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAC&_s=3&sid=1709678987&sct=1&seg=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Forders&dt=Sezzle%20Customer%20Dashboard&en=page_view&_ee=1&_et=6&tfd=2012
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 22:49:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 47ms
46ms XHR
text/plain 2607:f8b0:4004:c17::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1789257498&t=pageview&_s=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Forders&dp=%2Fcustomer%2Forders&ul=en-us&de=UTF-8&dt=Sezzle%20Customer%20Dashboard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=17841286&gjid=706386307&cid=235725959.1709678987&tid=UA-72079130-32&_gid=675214606.1709678987&_r=1&_slc=1&gtm=45He42t1n81MX2HJWMv810595113za220&gcd=13l3l3l3l1&dma=0&z=1549687698

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 22:49:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 create-event
api.sezzle.com/v1/event/ Frame 0
0 96ms
96ms Preflight 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Content-Type,Access-Control-Allow-Credentials,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,*
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Tue, 05 Mar 2024 22:49:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

PUT
H2 204 create-event Show response
api.sezzle.com/v1/event/ 0
795 B 116ms
115ms XHR
text/plain 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 22:49:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

OPTIONS
H2 204 pv
sezzle.zendesk.com/frontendevents/ Frame 0
0 205ms
132ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 85fda9480a28a1ff-YYZ
date: Tue, 05 Mar 2024 22:49:47 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZroz2Uw0qhlD3iAksqCfShu%2FapRpwhdcA%2Bjvb8RFMS7JaFbvOGUzUmwi85tBZgPXuwRxEoYyqL6mywKaV7Y1HaK%2BWHyjSUN%2BxR%2FOAkUh0GKuC0SrjJW2O0LDuiKQw31WJMk%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 85fda9480a28a1ff-YYZ
x-zendesk-zorg: yes

POST
H2 200 pv
sezzle.zendesk.com/frontendevents/ Frame ED12 0
0 121ms
121ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 22:49:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NN6huR%2BmhgMmvG9iYjTcuX%2BG%2Ff5Cw69VlCAb8Q6kuWeE2LVk8sq%2BznTB7Cw843Kj0hPSNRwFEaHr3F6Iu0yE66lds4Fe3fWtbJuPLTpZ6cMDR3LL4PX3OxLPQSNW4CPSvALwcA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 85fda948db67a1ff-YYZ
content-length: 0
x-request-id: 85fda948db67a1ff-YYZ

GET
H2 200 config Show response
sezzle.zendesk.com/embeddable/ Frame ED12 843 B
1013 B 211ms
138ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cba4e9f49221651805083215191628bf4b784ea057552be102ec23c38cc218c6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:47 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-7b7b744477-kl42v
x-cached: HIT
x-request-id: 85fda93ebbc113f9-ORD
x-runtime: 0.002306
last-modified: Tue, 05 Mar 2024 22:48:17 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qk5pZIC07yTrqWH2lHT6XH6205fyMVe%2Fv%2FgdTxHWGJ6KXkUXhuPebCizsxH6Dx470LDSo7%2FCiq86FTPPJ4QPGyI%2BjWzMecX21PKtuyyBtOEpfavgLOLIbNjBdNpOew%2FIXto8Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 85fda9480a26a1ff-YYZ

PUT
H2 204 create-event Show response
api.sezzle.com/v1/event/ 0
795 B 116ms
115ms XHR
text/plain 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 22:49:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

OPTIONS
H2 204 create-event
api.sezzle.com/v1/event/ Frame 0
0 98ms
98ms Preflight 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Content-Type,Access-Control-Allow-Credentials,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,*
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Tue, 05 Mar 2024 22:49:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 49ms
49ms XHR
text/plain 2607:f8b0:4004:c19::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72079130-32&cid=235725959.1709678987&jid=17841286&gjid=706386307&_gid=675214606.1709678987&_u=YADAAEAAAAAAACAAI~&z=7791703

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 05 Mar 2024 22:49:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 9 KB
2 KB 776ms
88ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e9bfd2c627aed05d17278d6b1495329f8d7d8d0ce320ea117357ddd4e9f617bc

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://dashboard.sezzle.com
date: Tue, 05 Mar 2024 22:49:48 GMT
content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 772ms
99ms Image
image/gif 2607:f8b0:4004:c07::6a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-72079130-32&cid=235725959.1709678987&jid=17841286&_u=YADAAEAAAAAAACAAI~&z=1669902227

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 22:49:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/ Frame 0
0 55ms
50ms Preflight
text/html 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 05 Mar 2024 22:49:47 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/ 626 B
514 B 125ms
124ms Fetch
application/json 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/installations

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/0c0b11036ab99da64633.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e8f9c6966d7417671b787f0e69c6659f401efa48c29dc853c198f21659f4173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://dashboard.sezzle.com/
x-goog-api-key: AIzaSyAvS0AT-uFIXu8Wr3uYOZJNlKBL_Yb81N0
accept-language: en-US,en;q=0.9
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMTMgZmlyZS1jb3JlLWVzbTIwMTcvMC45LjEzIGZpcmUtanMvIGZpcmUtaWlkLzAuNi40IGZpcmUtaWlkLWVzbTIwMTcvMC42LjQgZmlyZS1hbmFseXRpY3MvMC4xMC4wIGZpcmUtYW5hbHl0aWNzLWVzbTIwMTcvMC4xMC4wIGZpcmUtanMtYWxsLWFwcC85LjIzLjAiLCJkYXRlcyI6WyIyMDI0LTAzLTA1Il19XX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json

Response headers

date: Tue, 05 Mar 2024 22:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 491
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 80ms
79ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

463a3af9257e63ecd6d3f33072826682c9f21f25b8f88a96a321cf7bc9e3cf9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82316
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 22:49:47 GMT

POST
H2 200 feature-flags Show response
api.sezzle.com/v2/shopper/remoteconfig/ 332 B
1 KB 101ms
101ms XHR
application/json 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v2/shopper/remoteconfig/feature-flags

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

ab36f0bc05838b97e42eee189268d7e941d8632dc360ffbee8cbec5e5592d769

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-SezzleInc-Trk-ID: 66971d9b-6884-45a9-98c9-f089ce52d1a3
Content-Type: application/json
Accept: application/json
Referer: https://dashboard.sezzle.com/
X-SezzleInc-FP: v0-ea6c37ad69531efc7826a3b4917cc2b5
X-SezzleInc-Auth-Resource: dashboard

Response headers

date: Tue, 05 Mar 2024 22:49:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
content-encoding: gzip
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

GET
H2 200 supported-countries Show response
api.sezzle.com/v3/users/ 484 B
1 KB 100ms
100ms XHR
application/json 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v3/users/supported-countries

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

664b7437f0be6a1b81d05898e82d23ead604f9c0e6e55cdc12b62517d569bda5

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json
Referer: https://dashboard.sezzle.com/
X-SezzleInc-FP: v0-934f49c4766e3d9096112884fba7af87
accept-language: en-US,en;q=0.9
X-SezzleInc-Auth-Resource: dashboard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-SezzleInc-Trk-ID: 66971d9b-6884-45a9-98c9-f089ce52d1a3

Response headers

date: Tue, 05 Mar 2024 22:49:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
content-encoding: gzip
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 45ms
45ms Ping
text/plain 2607:f8b0:4004:c17::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FB5QYFCQBC&gtm=45je42t1v874508995za200&_p=1709678986205&gcd=13l3l3l3l1&npa=0&dma=0&_fid=cNfwkfbb6Nw-gdSjoVsv-3&cid=235725959.1709678987&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709678987&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Forders&dt=Sezzle%20Customer%20Dashboard&en=page_view&_fv=1&_ss=2&_ee=1&ep.origin=firebase&tfd=2430
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 22:49:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 feature-flags
api.sezzle.com/v2/shopper/remoteconfig/ Frame 0
0 108ms
108ms Preflight 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v2/shopper/remoteconfig/feature-flags

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Host,Cookie,Set-Cookie,Accept,Origin,Authorization,Content-Type,X-Sezzleinc-Otp,X-Pin-Reset-Token,X-Nps-Token,X-Sezzleinc-Refresh-Token,Access-Control-Allow-Credentials,X-Sezzleinc-Fp,Checkoutuuid,Cache-Control,X-Sezzleinc-Checkout-Uuid,X-Sezzleinc-Auth-Resource,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,X-Sezzleinc-Mode,X-Sezzleinc-Device-Info,X-Sezzleinc-Flags,X-Sezzleinc-Auth-Version,X-Sezzleinc-Sid,Sentry-Trace,Baggage,*
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Tue, 05 Mar 2024 22:49:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

OPTIONS
H2 204 supported-countries
api.sezzle.com/v3/users/ Frame 0
0 107ms
107ms Preflight 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v3/users/supported-countries

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Access-Control-Request-Method: GET
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Host,Cookie,Set-Cookie,Accept,Origin,Authorization,Content-Type,X-Sezzleinc-Otp,X-Pin-Reset-Token,X-Nps-Token,X-Sezzleinc-Refresh-Token,Access-Control-Allow-Credentials,X-Sezzleinc-Fp,Checkoutuuid,Cache-Control,X-Sezzleinc-Checkout-Uuid,X-Sezzleinc-Auth-Resource,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,X-Sezzleinc-Mode,X-Sezzleinc-Device-Info,X-Sezzleinc-Flags,X-Sezzleinc-Auth-Version,X-Sezzleinc-Sid,Sentry-Trace,Baggage,*
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Tue, 05 Mar 2024 22:49:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

OPTIONS
H2 204 status
api.sezzle.com/v5/shopper/auth/ Frame 0
0 101ms
100ms Preflight 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v5/shopper/auth/status

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-auth-resource,x-sezzleinc-auth-version,x-sezzleinc-device-info,x-sezzleinc-fp,x-sezzleinc-trk-id
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Host,Cookie,Set-Cookie,Accept,Origin,Authorization,Content-Type,X-Sezzleinc-Otp,X-Pin-Reset-Token,X-Nps-Token,X-Sezzleinc-Refresh-Token,Access-Control-Allow-Credentials,X-Sezzleinc-Fp,Checkoutuuid,Cache-Control,X-Sezzleinc-Checkout-Uuid,X-Sezzleinc-Auth-Resource,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,X-Sezzleinc-Mode,X-Sezzleinc-Device-Info,X-Sezzleinc-Flags,X-Sezzleinc-Auth-Version,X-Sezzleinc-Sid,Sentry-Trace,Baggage,*
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,OPTIONS
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Tue, 05 Mar 2024 22:49:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

POST
H2 401 status Show response
api.sezzle.com/v5/shopper/auth/ 24 B
972 B 105ms
103ms XHR
application/json 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v5/shopper/auth/status

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

d46df087d03f36f4057c47d5069d1cfb67714c66fd2582d84be7c549706e3af9

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-SezzleInc-Trk-ID: 66971d9b-6884-45a9-98c9-f089ce52d1a3
Content-Type: application/json
Accept: application/json
Referer: https://dashboard.sezzle.com/
X-SezzleInc-Device-Info: {"model":"","type":"","vendor":""}
X-SezzleInc-Auth-Version: 5.1
X-SezzleInc-FP: v0-ea6c37ad69531efc7826a3b4917cc2b5
X-SezzleInc-Auth-Resource: dashboard

Response headers

date: Tue, 05 Mar 2024 22:49:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
access-control-allow-credentials: true
content-length: 24
x-xss-protection: 1; mode=block;

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame 0CED 252 KB
69 KB 47ms
46ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9

Request headers

Referer
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:00:51 GMT
content-encoding: br
age: 2937
x-guploader-uploadid: ABPtcPqccXZ5ev2vgQPgoyHuWU3jCPUi4bE1LRW_iJ5E1oRcSrGzOopgumEG2zaC-j2gm6rEMFbG76RH1Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70374
last-modified: Thu, 22 Feb 2024 14:57:06 GMT
server: UploadServer
etag: "f14fadd940a61b9217c00dafdcacd622"
vary: Accept-Encoding
x-goog-generation: 1708613826115878
x-goog-hash: crc32c=RzMU9Q==, md5=8U+t2UCmG5IXwA2v3KzWIg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70374
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 05 Mar 2024 23:00:51 GMT

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame 5B7F 252 KB
69 KB 53ms
53ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9

Request headers

Referer
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:00:51 GMT
content-encoding: br
age: 2937
x-guploader-uploadid: ABPtcPqccXZ5ev2vgQPgoyHuWU3jCPUi4bE1LRW_iJ5E1oRcSrGzOopgumEG2zaC-j2gm6rEMFbG76RH1Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70374
last-modified: Thu, 22 Feb 2024 14:57:06 GMT
server: UploadServer
etag: "f14fadd940a61b9217c00dafdcacd622"
vary: Accept-Encoding
x-goog-generation: 1708613826115878
x-goog-hash: crc32c=RzMU9Q==, md5=8U+t2UCmG5IXwA2v3KzWIg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70374
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 05 Mar 2024 23:00:51 GMT

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame 3510 252 KB
69 KB 66ms
66ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9

Request headers

Referer
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:00:51 GMT
content-encoding: br
age: 2937
x-guploader-uploadid: ABPtcPqccXZ5ev2vgQPgoyHuWU3jCPUi4bE1LRW_iJ5E1oRcSrGzOopgumEG2zaC-j2gm6rEMFbG76RH1Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70374
last-modified: Thu, 22 Feb 2024 14:57:06 GMT
server: UploadServer
etag: "f14fadd940a61b9217c00dafdcacd622"
vary: Accept-Encoding
x-goog-generation: 1708613826115878
x-goog-hash: crc32c=RzMU9Q==, md5=8U+t2UCmG5IXwA2v3KzWIg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 70374
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 05 Mar 2024 23:00:51 GMT

GET
H2 200 b00093d2fa1313225ae0.chunk.js Show response
dashboard.sezzle.com/customer/ 1 KB
3 KB 50ms
49ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b00093d2fa1313225ae0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fc02e3a556b5edb0d4dd83a33535313668619fe1cf464b32b5f1ea43d8dd6d79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: x5TDTLUCr2cqIXvEqFFzBoBANPWT83Cz
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:36 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 312
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"c5f6fbaa69aefab9a350b4c5aa16a77f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: SbTsXV2GolGSRSp9Fz4y_hVAuBL8G0_s4W2fVlG4JlOkzEWQlrePYg==

PUT
H2 204 create-event Show response
api.sezzle.com/v1/event/ 0
795 B 111ms
110ms XHR
text/plain 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
X-SezzleInc-Trk-ID: 66971d9b-6884-45a9-98c9-f089ce52d1a3
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 22:49:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

GET
H2 200 client Show response
api.sezzle.com/v1/accertify/browser/ 22 KB
10 KB 119ms
119ms Script
application/javascript 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/client

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/e6a9154d373e57975b80.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

f41e2f7f52a09af4f2f4e2e8d6376210c1264ac078f8a2779f2f3485b2a4ac22

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:48 GMT
content-encoding: gzip
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront)
x-amz-meta-build-version: 202302_01
x-amz-meta-client-name: Sezzle Inc.
x-content-type-options: nosniff
x-amz-version-id: jAAK0SFQ_qqAud.1QQmzcc7DcvvECa9o
age: 1168
x-amz-cf-pop: HIO50-C1
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Hit from cloudfront
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-amz-replication-status: REPLICA
x-xss-protection: 1; mode=block;
last-modified: Wed, 05 Apr 2023 23:26:51 GMT
etag: W/"0b3f30d2c5828913f07f37e867212a52"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=600, must-revalidate, public, proxy-revalidate, s-maxage=3600
x-amz-cf-id: AUR6DInHLgZPwJDaMkrkTp_ohVg6-B7utLcyrhDhHxtq3iIx5pFBVw==

OPTIONS
H2 204 create-event
api.sezzle.com/v1/event/ Frame 0
0 110ms
109ms Preflight 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client,x-sezzleinc-trk-id
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Content-Type,Access-Control-Allow-Credentials,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,*
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Tue, 05 Mar 2024 22:49:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

GET
H2 200 6ffb02663b0ab45e554e.chunk.js
dashboard.sezzle.com/customer/ 0
18 KB 43ms
23ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6ffb02663b0ab45e554e.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: LBStxJgfX33NrJqlpXmtKIDJu1Qxdqi9
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:52 GMT
etag: W/"340ed1741698d719526f81db9335c2e9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: hbbCm1A8DJr9dUAjEZje1uEfrbdtcHDR4pbSu9khfn3fBarGma5C7Q==

GET
H2 200 09bd04621566e437c5b7.chunk.js
dashboard.sezzle.com/customer/ 0
11 KB 45ms
25ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/09bd04621566e437c5b7.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 6Ai7BqLh0OSSGYp2qk9A8GAnmued46P2
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:39 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 309
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:41 GMT
etag: W/"50a6eb86496526612b947faca7a3676b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: k_7pq-xHbE268R7_x8k2KYh8NAhp01TzkzKse4JVe40Q8xaOTpgrzg==

GET
H2 200 dacde12873e6ff9ae37d.chunk.js
dashboard.sezzle.com/customer/ 0
4 KB 45ms
26ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dacde12873e6ff9ae37d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Sk7kKmrqoE4sLXTJ2AtZfMyFMaQ7UmrI
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:39 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 309
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"d57be1c73d725f7a218e92752420818c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: TsxQn2tj4guTqT380aBBJ2L9R_qZFxRs5o7iiERme4omLP_3ZGBpPg==

GET
H2 200 fa3ed811783641bef592.chunk.js
dashboard.sezzle.com/customer/ 0
11 KB 62ms
37ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/fa3ed811783641bef592.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: AAfpvhhBfiZ92Z.EZ_zwGDdUzJuD2O1I
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:59 GMT
etag: W/"5a63830aff49825265e22495b363520f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: mm6hf49JN4G3Zhr2gr99UDCvWZH2S5EviE6qtDJmI8yn7TqKwwwVcQ==

GET
H2 200 af0aa6add0b350681528.chunk.js
dashboard.sezzle.com/customer/ 0
24 KB 63ms
38ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/af0aa6add0b350681528.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: MSRnwVn6fYJyPh9qA323TSw0jI31b6Ng
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"679b9f3f30fc7f3f53d4ee3a36c0e99d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 4FSFHAIYXqmX0QPa6cPUPjw--EYgPox3-EudElfnCHsWOXSQTUQFZg==

GET
H2 200 0c2dca37325d4db72119.chunk.js
dashboard.sezzle.com/customer/ 0
12 KB 63ms
39ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0c2dca37325d4db72119.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Kf0gUX_X2u_R2L7yIYUIEh.O3vOjFrvJ
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 683
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"2b4805e641269469a8ce971c236c3fe4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: _3zAjbnFJJVKgkAxsOny8AqnimXp2dfR7aoYPv4L9BqQ58d5ku7kIA==

GET
H2 200 7fe40c09ac89fcc85e36.chunk.js
dashboard.sezzle.com/customer/ 0
18 KB 67ms
43ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7fe40c09ac89fcc85e36.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: whPjkdgLxZZCCiP4KyC2maLBC8L8O63W
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:53 GMT
etag: W/"99c130fea2e602895e7303d827b37c7d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: kOaUZKvDkuBaTH9jUT04G7PaxA4U9pYzRPN5MQBg2DjrKdNLPNW5xw==

GET
H2 200 14682bb3c63cae512aec.chunk.js
dashboard.sezzle.com/customer/ 0
25 KB 63ms
39ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/14682bb3c63cae512aec.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Tx3blIEaN1jNTRNyGlg2JwMFAgdLBMI5
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:44 GMT
etag: W/"7b5082049447324416162932d5d6dda6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Hhoslm0vQ-zeeTk4h519IklhSnEM0iu8LdoDuhb_jvE2f6lvo_7_fA==

GET
H2 200 73d7c6f15610b6829fb9.chunk.js
dashboard.sezzle.com/customer/ 0
9 KB 67ms
44ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/73d7c6f15610b6829fb9.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: tS4gX2b9X5pedNX73b_mnUWC1z9m.mE1
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 683
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:52 GMT
etag: W/"50273aac379531a93c7ce3fbf2a5e8b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: u1_-ySY8nv_aN-FkXFaczokYIXBjLUECO_McMv2omxUAp5HuGaYwxA==

GET
H2 200 5943a84241d36f5283e3.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 65ms
42ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5943a84241d36f5283e3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: hqlaWGVFmA91i9TPnamsengDs6A3GjNN
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:39 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 309
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:50 GMT
etag: W/"7afd64d55e756f9f84d4e826f85e332f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: iXExa-3jf7HryrKtNmJ5NncvlrS8kQE7dSdiM4kJjQRy0vFEogynvQ==

GET
H2 200 dbbca07b740328687038.chunk.js
dashboard.sezzle.com/customer/ 0
9 KB 115ms
93ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dbbca07b740328687038.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: JhLWay2fEtMXoyqYye1fZLXiBSMdzSQf
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"00cc70c8106267308441dc21cca8f5df"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: UspxPGgCXgSd3jrSFce6LiqkRmpit7jtymKrPI4-nzajgtJ_xEqn4Q==

GET
H2 200 63e0333b9dc0a8e6a695.chunk.js
dashboard.sezzle.com/customer/ 0
7 KB 117ms
95ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/63e0333b9dc0a8e6a695.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Bp7YGLhgr5zWrqV.oesyp_HFe93pEjiZ
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:51 GMT
etag: W/"94b8aa4d5eaeca503d2406a12b27c8b9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: vJRl5TmHcNWB9JCFoOInafMN3r_123eMiApTFrLZfhU0Zj1sZRpMUw==

GET
H2 200 ac0d88db9f5860b36dd1.chunk.js
dashboard.sezzle.com/customer/ 0
7 KB 119ms
98ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ac0d88db9f5860b36dd1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 43m0K5FaQ20_ZrM4osI____j3ytzTOmM
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"d9fb646a26ea3f812c8ae33306aa58bf"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 3QTRUc6dhW0wXAe-diX5FpQ6H282LIW79vzl6aiNMwqt-oGkhxPh3g==

GET
H2 200 dc3dc215898641ae2e6b.chunk.js
dashboard.sezzle.com/customer/ 0
14 KB 115ms
94ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dc3dc215898641ae2e6b.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Ekqz3hQf7_HAzPX8IXR4XQYhL0IOaxHd
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"81220b05ccc4a4537c7509993826ab93"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 51UV_fZ0fO1YiQFQi2AiKwq5BrEVUO-p0gyad0olafmzvQZ6coUMlw==

GET
H2 200 baaf50b7a8ba1d3080de.chunk.js
dashboard.sezzle.com/customer/ 0
18 KB 120ms
100ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/baaf50b7a8ba1d3080de.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 2.1RnWEs3TferJ0Hq_idC_tN2lHXWHjt
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"6b95795b33ecee667622b8db91f799bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 5jSl1HbfAVkf-SkVZfvwEbwwxd7JT25zFEf56Hm0BSJBkuN5LGRGyQ==

GET
H2 200 8811832d6a39201bc198.chunk.js
dashboard.sezzle.com/customer/ 0
11 KB 116ms
96ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8811832d6a39201bc198.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 9JpYQrQFUpNBodD.RGxmuZHopSTG_1c1
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"8532dae589e0062d54722f12788567df"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 7LZn28C8GRtC958pVTk787YsAFx1FG88ji8qn8mQXRCDhbzIUmEGgA==

GET
H2 200 4760ba3062e72a347205.chunk.js
dashboard.sezzle.com/customer/ 0
26 KB 119ms
99ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4760ba3062e72a347205.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: vtgchO8YtPyPKr1hCWTKT3BF16PjtWR2
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:39 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 309
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:49 GMT
etag: W/"6ab70cdbfde88dd540bfa9ba35d3883b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: X3yjisJRc2Uq_7Ef2KKQUW8ycxzJ_5KhgylYobsWd3f2mthTpZhGKA==

GET
H2 200 4264c93c1d764c35847d.chunk.js
dashboard.sezzle.com/customer/ 0
15 KB 117ms
97ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4264c93c1d764c35847d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: kGxH4wqdMLa1GlMRLybf70U5GyUR51s7
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:48 GMT
etag: W/"946eabe1b83c419aa159e09dee849098"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: trjcG2HT_ugNcTAS1XVJVsZ-76DvSE2ig-OFNOe0-PRrp7Gcw_UVSg==

GET
H2 200 9af3ea3a2e52bd2f9436.chunk.js
dashboard.sezzle.com/customer/ 0
17 KB 116ms
96ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9af3ea3a2e52bd2f9436.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: w4ojeYLtLeXNabU6g497hdRrVc9l2wcc
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"fa21e16e6d0ecc8feecd0e90f9aeb1f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: CNNGz9CCCYr7OjTdYLpM59hcyLER_KmykhwRe8MHSjuaOQupRLbRrA==

GET
H2 200 9e95813fcc803f7dd100.chunk.js
dashboard.sezzle.com/customer/ 0
12 KB 118ms
98ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9e95813fcc803f7dd100.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NoWl8EqmcZCedsgMIFvk26NIhDEJx8_O
content-encoding: gzip
date: Tue, 05 Mar 2024 22:49:34 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 39
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"93da41a7ead7b2c164de7714ef883f32"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: bXbyRaMZOesSBq2DZvfp5PFE0l3ngrglpVWDztQK08OrNkGVcEBayg==

GET
H2 200 9fad61294dfc4b014954.chunk.js
dashboard.sezzle.com/customer/ 0
26 KB 87ms
68ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9fad61294dfc4b014954.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 88wE0NMSXKPMJTjaEcnulkdqWcBgqdwG
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:37 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 323
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"c0722330d9de84481cc7fc45b1e7e7af"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: fimRnMbqgEX7c9E8Qg3KizyRWTcXUfS9ymRAoeX6BDyU0LvndecwSg==

GET
H2 200 0f78ee11190a03ce4b99.chunk.js
dashboard.sezzle.com/customer/ 0
4 KB 156ms
137ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0f78ee11190a03ce4b99.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: lDwx20hLtug6rwN2aQCBEsob_l4GYaVN
content-encoding: gzip
date: Tue, 05 Mar 2024 22:49:34 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 14
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"bc88c4a7c35173e0414d71f029728ce6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: l6mxbYwxBTeB7nmUDITBh70vmcXydQjYICWgR3psCmgMlkn5kjL6aA==

GET
H2 200 0d01b350befed2dee3f1.chunk.js
dashboard.sezzle.com/customer/ 0
25 KB 89ms
70ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0d01b350befed2dee3f1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: pxCCYtX4kAy_jNNV1YnokoZ8poQbcmPN
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"0b0b2ae62cb4b9f72ca5dc04f809b59d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: bk7785oZv9W7fU6w-rWAowgYW_ng-SmFfVzalPiwIyzLw4kNua1Q4Q==

GET
H2 200 05da821c9ba3ec0d7c1e.chunk.js
dashboard.sezzle.com/customer/ 0
7 KB 119ms
100ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/05da821c9ba3ec0d7c1e.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NQB5tfXT5xgLmsvoXxXW8iPBxN6ae2QR
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"30e7f7ece348be6938edfe20c6df12f3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 8UdNP55y9ShNz5fpMqI-g1vrpUAF_KOvMTPO7kt9rbKARVylvZEl6w==

GET
H2 200 42ada3b08d4f6c6a7f37.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 120ms
101ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/42ada3b08d4f6c6a7f37.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: C104Ze6IlBTc6B1352DC0LxPX_JaVm9W
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:48 GMT
etag: W/"7be3163fcfc5f49264bd21cd87ca85f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: QHJ_7xb8NzdtY72GDzlwFQkFo1YMO9k8G-lU7PjauPIVLwks4x4ywQ==

GET
H2 200 8234e2dfceaefe948816.chunk.js
dashboard.sezzle.com/customer/ 0
19 KB 132ms
114ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8234e2dfceaefe948816.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: BYCpzCbjQogrMGt_TMWhuKgxXqfn0r3L
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:37 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 323
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"9995876740897ca69bdaf3998e18ecfb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: TwzPJhzNEyYSgjWAukZwqnNTismmY_JJ7BQk7AjJWsR54GPSWJY_zQ==

GET
H2 200 a097f2bf8c32774866df.chunk.js
dashboard.sezzle.com/customer/ 0
8 KB 90ms
73ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a097f2bf8c32774866df.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Hm4ziPBwC_WshDoAfiQMwUK4ILgHDYn1
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"0582207d101fe45fd5cd1b2f606dd4b4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: E6YM-Jg-Tan1nqTkzZYeZh4CxXlEaApmeVd6KclokwM84l33P9UV8g==

GET
H2 200 0ad1d63460eb19a7c5a3.chunk.js
dashboard.sezzle.com/customer/ 0
17 KB 155ms
138ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0ad1d63460eb19a7c5a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: qQEmGVwehDQZIPhfMRMrwUfUSNFmyMmn
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:40 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 308
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"1306b39bf6d597d45eb91214e2cbc06a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: -B9SOMPTKlJe7deKwWTwFkzYTbnlTTJnCkyR7GNOf6WgzhNlmopubg==

GET
H2 200 8b3f28626d87a6d8fc98.chunk.js
dashboard.sezzle.com/customer/ 0
13 KB 118ms
101ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8b3f28626d87a6d8fc98.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: RSScFWM2IgJzw_toAmiNymdRJLZyASXt
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"85f7632c57d14cbed4e45301541c446e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: _872SYYlAEKEMGhPEdy-UyncevUdVDOfnUcHlg453LxZkQNfXCUTCg==

GET
H2 200 4508149fd282227b8d0f.chunk.js
dashboard.sezzle.com/customer/ 0
7 KB 123ms
106ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4508149fd282227b8d0f.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 0GQbNdb5EZPdKwxpoQUHZCJ9bV31R_U2
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 683
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:48 GMT
etag: W/"4c38c79f6cc85bb700ad43683654b0ed"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: y1gIwYCbSD_A2j5NeQ-9zoruRUHreZdiDZ9Uue3827YGyWGpuQE96Q==

GET
H2 200 1e0354ed0e1495a1a3f4.chunk.js
dashboard.sezzle.com/customer/ 0
4 KB 119ms
102ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1e0354ed0e1495a1a3f4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: sHpjhu7Nk9070BZcNTCsqCOjpnpmo7WU
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:37 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 311
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:45 GMT
etag: W/"521cbe9eac2e45d8de17e554fb840410"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: E_zCFHFMgrK8MV_sjwFI1BHduUIJJ4sEz2lmvlNa7z-1M372D5bgCg==

GET
H2 200 a98d1424cac4789c93a2.chunk.js
dashboard.sezzle.com/customer/ 0
29 KB 120ms
104ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a98d1424cac4789c93a2.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NKMHD8kIJsp6MVuW.DNARqHjQwR5rENU
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"3c5fa4a65b1a4a1c4d5275a90f9d972b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Xclmb6mYhRbzy7PNKl93TKceA24EmxbFg5_3WNCPfmOsl2sB_L4WGQ==

GET
H2 200 824d6f85b144437f289b.chunk.js
dashboard.sezzle.com/customer/ 0
18 KB 119ms
103ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/824d6f85b144437f289b.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8AMj5t7iClMC4oB_6dFaAFCLoSP.Sl_F
content-encoding: gzip
date: Tue, 05 Mar 2024 22:46:47 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 209
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"b621189e6dfce4848c84529df0509792"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: bnzAcDiWOJxB1-9t2DzAltNoTi23sWstQyQyXss-vRaDmU1kJW9HRA==

GET
H2 200 14be24bccbc068111182.chunk.js
dashboard.sezzle.com/customer/ 0
13 KB 154ms
138ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/14be24bccbc068111182.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: BBJ8wKpHU_D8N3lWL0kq6YwuakLI1tHg
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:44 GMT
etag: W/"5afb904b35314e1b0f4d5778a589feca"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ohWAER5oJ0mq1kPNWCQAKjlPv4m9K677QHq__yQOP9vBGkxBFrbq-g==

GET
H2 200 970c3dcf7315ee0e2a22.chunk.js
dashboard.sezzle.com/customer/ 0
10 KB 130ms
115ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/970c3dcf7315ee0e2a22.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: i_3GoGRQtfV1rIsSxieFgU_jqqdQx8ky
content-encoding: gzip
date: Tue, 05 Mar 2024 22:46:47 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 248
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"88432e50ac1596330fcad541848c00c7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: b2Luwh0PE1lLnymeHVzRxS9a1OIR59Qr4PKX65rOpKGqNYF9pTiqaQ==

GET
H2 200 3ea20e0fa8f0ae630bff.chunk.js
dashboard.sezzle.com/customer/ 0
19 KB 122ms
107ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3ea20e0fa8f0ae630bff.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: seXX_ACI2SqFlGpuDeKxfeDKzVir45.j
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"e37ff82f842745e5594d275ad1283b1e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: vEC21BtBne_Mw-hQqkwI7nD4Nv8Mb9tmIibx_LN7b4g0-xy9CEeTOg==

GET
H2 200 212d8e432ea1d502d8a3.chunk.js
dashboard.sezzle.com/customer/ 0
14 KB 119ms
105ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/212d8e432ea1d502d8a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: OmtCRhjchHp9W4g6xJDTysv3hD39uRnt
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:40 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 308
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:45 GMT
etag: W/"ade10e96d1a6167e9f74b18ab2d1c712"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: dFGISEquf_zW6lJ6ZVtqRvr6L1Oteb5N4iTavPJaNOk9oa9AmZq9kw==

GET
H2 200 d3e0b27b541a88b56439.chunk.js
dashboard.sezzle.com/customer/ 0
21 KB 119ms
105ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d3e0b27b541a88b56439.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Av1FAuiAUpR2tZBHTHtoY5xCwpBSGnkY
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"7bb185181a0a366cd5aa4141556f4fb2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 2DeCKVBa1FdS71wsOrOTkd17c091epJNP0DnMyHtQugfdLNocOn2og==

GET
H2 200 95752ac49145b73483d1.chunk.js
dashboard.sezzle.com/customer/ 0
16 KB 120ms
107ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/95752ac49145b73483d1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 9H3cj9RFDKobnsOXgEP2zUjwbJkdHGNj
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"1b9380fc11cfc57a14c8d27b5a8ca2bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: JIxrRYg-6Z3_j8fUn0kPa6MYdqjDwkFNqlG_sqpQ1Ax3KNporwC-kg==

GET
H2 200 2ab49f425c4ecbd2def0.chunk.js
dashboard.sezzle.com/customer/ 0
6 KB 129ms
116ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/2ab49f425c4ecbd2def0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: z2LydNr6MlUPScg9cgY5UoXTMuemZHcj
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:46 GMT
etag: W/"f8a4b3b559a9331ae0e8672086d97d6e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: MnQ9Ye4iM2fZSBTVcxv2Ab7Hc3n8InPf_u-9bGwnUTlqVOhBVks9eA==

GET
H2 200 4aa5798b018517a651a0.chunk.js
dashboard.sezzle.com/customer/ 0
10 KB 122ms
109ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4aa5798b018517a651a0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: CBCVDdWzo2wE752055PV_tCdzuj4fBuI
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:49 GMT
etag: W/"48c14417179070d1f40bb8eb39857b45"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ZLwE4-XCuIK5wx2i8jd9_-IQb5ITHpxjDEAW5tbLSBxUYNfHBigWRA==

GET
H2 200 3f4aba9f5964d1741939.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 152ms
139ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3f4aba9f5964d1741939.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: TCZrJWyqfu7.QZ1vs9Kb_HQuXn4cdR6f
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"852f1eef526d5fedc826fc035b3be58e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 6gY-dvrn2V8ZVFeC-VM3789Y_XfXwO56h4q4fqq9TDHvSR3z_7PNrQ==

GET
H2 200 e59c6fe11a33b04e5de4.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 121ms
108ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e59c6fe11a33b04e5de4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: je8cvYEpIEMhquUHnu7zGL6QQtK2nmM1
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:40 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 308
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:59 GMT
etag: W/"840bb8ebd19dea484d2958c0794a6680"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: EZE7c8U8447FeKXX-aMW0YUduEIgJyDKGkiJ7T5RTQgyBnqC89KffQ==

GET
H2 200 4a0ba63f290972189691.chunk.js
dashboard.sezzle.com/customer/ 0
11 KB 130ms
118ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4a0ba63f290972189691.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: lqstLEJQAaPgqviswpynovkrV1EWSjlB
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:49 GMT
etag: W/"2e79e8d8953e45a1a4715699a89c5f67"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: uKH6uJa3HHswAB_nFo5qjaAcgGoE7t2o5sCHtBfu4xFct_Wb57ePNg==

GET
H2 200 6e31ce2f1fc37086bb29.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 122ms
110ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6e31ce2f1fc37086bb29.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Djlv3to_rFF.BN2Wf2FVe.iBJjPd6xRL
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 603
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:52 GMT
etag: W/"9730e1c8997c033ac7f896d4af7c7b7a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: HUOs2NGJKUXXqXUlOaOcTi7qsO0r9wKSu_9kug6MqnOODr0kd6Pisg==

GET
H2 200 c5b620c163f3b359d753.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 121ms
109ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/c5b620c163f3b359d753.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: xVhiCoP20kW_3EHNsgQq0_9O4Qb2VMSB
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:40 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 308
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"7e744e4fd8e8742c31957d5d10e6bb92"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 6J0k_thhoLRHGTr6FH8cBt-xbieOcBa4a6YchkRwQfGO4ooU0Zourw==

GET
H2 200 b508ebff5126e8474986.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 94ms
83ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b508ebff5126e8474986.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: C7offsHQ15vJOwidF4SEdkxMjwNe1DBt
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:37 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 311
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"0f404629773d7dfbc53cb32d8be36160"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: CZSclI5IlqemeQjwltYUE15uNswq6tgYiWVhZjBCXn-P5ME6Tgl5cQ==

GET
H2 200 95d58c447de1b1125092.chunk.js
dashboard.sezzle.com/customer/ 0
3 KB 121ms
110ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/95d58c447de1b1125092.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: RF0XIDEtQiDBR6BdefMb5FedIeGcb4S0
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"fbbdf2f0584153948c482292cb788672"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 4y5R0_GIrTBpOrIW2XMVJRrEDf5owmy6C9m4KfC86MlIbPz6-Hppeg==

GET
H2 200 94376e38e631783ec8d6.chunk.js
dashboard.sezzle.com/customer/ 0
4 KB 122ms
111ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/94376e38e631783ec8d6.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 0zfOvoalffm5Gu93cvqwcPyibzJiTnl1
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 604
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"e5000863dc7f1cb73321a067312ddbe1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: jdxVcbgrb_AcqPo8ofX5wnO0GPgLz7TLZXjfov8Ong8lzX3bI-sT7w==

GET
H2 200 8e0a43f0256a3165a631.chunk.js
dashboard.sezzle.com/customer/ 0
13 KB 127ms
117ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8e0a43f0256a3165a631.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8htcNlTOuL7JWTvs4MkKHM.fx9HkUyaj
content-encoding: gzip
date: Tue, 05 Mar 2024 22:46:47 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 248
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"e0ad4fc8f23377c5c613327173c47c2c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Ube1OT7N2AI-j82IW91rq-cVwGElu3bRJo9OKcGfZd9-8wKa3Phv0w==

GET
H2 200 ac57f8f9067d4879c0f1.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 126ms
116ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ac57f8f9067d4879c0f1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: J9fi.cTYYN2z82kYLChT0Bo2PTCwKUu5
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"629390b82dfe140f74da9e6e1f95a8e5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: QHRZgGO0oQrHdPWmhmnb4y7PpcHgbIawKkUIJj89ExPobgnt_lk6gQ==

GET
H2 200 27fb5d991e982837bbb5.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 128ms
119ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/27fb5d991e982837bbb5.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: vKV7uaNwLHadECpseAn8jVoi_KCNB7K3
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 603
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:46 GMT
etag: W/"7b955c222395f234a9f383c12f22e377"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: keMqaSOgqv7i1AlvtdbUJt-iuGp23-S9cYqQskIPGOEi368YlRbExQ==

GET
H2 200 a9d6d3a56f7a41a1ba30.chunk.js
dashboard.sezzle.com/customer/ 0
22 KB 121ms
112ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a9d6d3a56f7a41a1ba30.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: aNgyOjAezw.U6R_NiNIY4dggmpljONui
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"adb74a39527c2a35c5805f63d11a9499"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: aqRcv8_Vb6fxdsJLbB6EqsIyML2tdC-QpJSmtBGXEFL8rFMC8Q3Mpw==

GET
H2 200 7a6fdb1ce14b04b2cb7d.chunk.js
dashboard.sezzle.com/customer/ 0
46 KB 127ms
117ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7a6fdb1ce14b04b2cb7d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: iQq2vAlpLn1EFGqZC3Afe6jaXvXdKrrZ
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:53 GMT
etag: W/"d35a2136a1450561976965fd1330dcd8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: vtRqhq6037TDI8BQnIkfJN8xN5AX3Qy3GHk5eMQI6YUzy0MIwK2vXw==

GET
H2 200 e09d48e2409b9f29e8d0.chunk.js
dashboard.sezzle.com/customer/ 0
5 KB 121ms
112ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e09d48e2409b9f29e8d0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: fs7dPS.fnFrgP7Ta9iz5Nrb0E_h8VcKA
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:05 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 459
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"38eb356959ca661dfef9bc930c6e10e7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: EtQrdA1-uCZxMfP2om-kaJss0x8xhfEgEwnyFYpXeto5AMf6-vlnmA==

GET
H2 200 a45c59dc5ba886671582.chunk.js
dashboard.sezzle.com/customer/ 0
24 KB 145ms
136ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a45c59dc5ba886671582.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Rp1UxVP.LoEwZveGh7SMxK2f3wK3pu31
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"8fb1fea3a59a8c77a58813efb51699dc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: LhBVDYtWe-xfy5nJc1Qmm_I7zSPpMcI4LCAoFtOrur5s6wEa0X0Hjg==

GET
H2 200 d06a69625cde48cfb5ea.chunk.js
dashboard.sezzle.com/customer/ 0
13 KB 121ms
113ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d06a69625cde48cfb5ea.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8y4.x6NoSTj7W7GaiU7ENsfHFyrdTxT1
content-encoding: gzip
date: Tue, 05 Mar 2024 22:46:47 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 248
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"8331bcefbb87bd895dc3d8e2ac202d8e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: G2dd9TQiK8yNcbLo4_fwOyWWEeyAt8XTnePI8w8AQEtjU2spVH38Ig==

GET
H2 200 d768bc1f0d63296450f4.chunk.js
dashboard.sezzle.com/customer/ 0
9 KB 154ms
146ms Other
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d768bc1f0d63296450f4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 6h0NctG1doJ7WCyaea.6E6ydicjKjDdk
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:05 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 508
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"1d465b3e065987c507135a1f75fdada3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: bY16ppMAkCnibtBgNguzq_c45gIj4UPMbn97iAHgPtkGk-ZCGt5FJw==

GET
H2 200 d5f5e6f325231033d4cc.chunk.js Show response
dashboard.sezzle.com/customer/ 3 KB
4 KB 121ms
114ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d5f5e6f325231033d4cc.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

dd225ce43e913b2f7422fc6ce4724067a3247440726cfaaab497776241883374

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: pXATZFhADyDt88xKJC3v1qjyUI3SlG0W
content-encoding: gzip
date: Tue, 05 Mar 2024 22:43:20 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 536
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"fee56067ea57ca1eb89bc5c82204636b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: IvqJOMo0sZhpqlPNr6yKrwnDj1g_XPJmNRRacEg4jNL_6csp6JrrvQ==

GET
H2 200 bf.html Show response
api.sezzle.com/v1/accertify/browser/beacon/bf/ Frame 6E29 6 KB
3 KB 310ms
309ms Document
text/html 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/beacon/bf/bf.html?v=202302_01

Requested by

Host: api.sezzle.com
URL: https://api.sezzle.com/v1/accertify/browser/client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

f0e5640d66c44d407d5bde1f0e1808297aaff94c64946183ee081b4c77dd65ce

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://dashboard.sezzle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=600, must-revalidate, public, proxy-revalidate, s-maxage=3600
content-encoding: gzip
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
content-type: text/html
date: Tue, 05 Mar 2024 22:49:48 GMT
last-modified: Wed, 15 Feb 2023 22:01:34 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: accept-encoding
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront)
x-amz-cf-id: 2vI1th05SGX_gTQeS4d2eSfddpT70BDPzAqeRWpvax7SQwyRzy6UmQ==
x-amz-cf-pop: HIO50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

GET
H2 200 cc.js Show response
api.sezzle.com/v1/accertify/browser/ 39 KB
18 KB 155ms
154ms Script
application/javascript 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/cc.js?sid=beee383f61fe5c6f&ts=1709678988694&namespace=advc

Requested by

Host: api.sezzle.com
URL: https://api.sezzle.com/v1/accertify/browser/client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

962785803826134e29f0168eab85308d776775aac3bbe787be90bf3ee1b15a16

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:48 GMT
via: 1.1 c8997576b0e59159a991d905466fd2d4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-amz-cf-pop: HIO50-C2
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block;
pragma: no-cache
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
x-ia-request-id: 950185083bd19adf733d6c849ecbd004
x-amz-cf-id: L-tt9BLC3PfGXj5UZgO5BbX-eFciERuowmGwDdpsTFwqYW46ZeMR-A==

POST
H2 204 et
api.sezzle.com/v1/accertify/browser/beacon/ 0
1 KB 303ms
303ms Ping
text/plain 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/beacon/et?c=gLaZegefMpAvkrns_6KD2oLP8FU&t=c936044d6632b5055a8a444da2872d486de1

Requested by

Host: api.sezzle.com
URL: https://api.sezzle.com/v1/accertify/browser/client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 22:49:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-amz-cf-pop: HIO50-C1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block;
pragma: no-cache
vary: Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com, *
access-control-expose-headers: X-Sezzleinc-Otp,X-Sezzleinc-Fp,X-Pin-Reset-Token,Set-Cookie,Cookie,Host,Content-Disposition,Checkoutuuid,*
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: 5Lv80RsrbQm5bDmYIF8DLfQOz5EwidN2O-PHFSr8khfBsXK6otQGxg==
expires: 0

GET
H2 200 6ffb02663b0ab45e554e.chunk.js Show response
dashboard.sezzle.com/customer/ 62 KB
18 KB 43ms
26ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6ffb02663b0ab45e554e.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

07d91c3b213fdc870c999e1a1ff7da36f7099c3f5fe8834e3da35b98745815c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: LBStxJgfX33NrJqlpXmtKIDJu1Qxdqi9
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:52 GMT
etag: W/"340ed1741698d719526f81db9335c2e9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Cu3ExjSmKja_V1rFUyHXLHQdsd9SN2bCwkmVHLGxVA9f4pXDJEw9Kw==

GET
H2 200 09bd04621566e437c5b7.chunk.js Show response
dashboard.sezzle.com/customer/ 35 KB
11 KB 44ms
27ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/09bd04621566e437c5b7.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a26b69e07e5e11221c8344c7aae174133d215215ad38606295cf9d625814c481

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 6Ai7BqLh0OSSGYp2qk9A8GAnmued46P2
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:39 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 309
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:41 GMT
etag: W/"50a6eb86496526612b947faca7a3676b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 3G-grafrzM1B2mdwh7MCQIkYhU8Kc-NwbffkWV3YrdrWh-0stCx-bQ==

GET
H2 200 dacde12873e6ff9ae37d.chunk.js Show response
dashboard.sezzle.com/customer/ 10 KB
4 KB 46ms
30ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dacde12873e6ff9ae37d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8ad0d32aa95f856cef9025c23bdff5f5989e534d1c8931cea5e48f82ec7812d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Sk7kKmrqoE4sLXTJ2AtZfMyFMaQ7UmrI
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:39 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 309
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"d57be1c73d725f7a218e92752420818c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: spyShe7q5rvU8SYM4hT3p65d69A9wF7Sq_kxHMsQ-Aj75j8t5mxS9g==

GET
H2 200 fa3ed811783641bef592.chunk.js Show response
dashboard.sezzle.com/customer/ 24 KB
11 KB 45ms
29ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/fa3ed811783641bef592.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cd21636eecb718271e0bfcc0c6c0c63904cd1adea7966713d5d6ae3fee2c99aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: AAfpvhhBfiZ92Z.EZ_zwGDdUzJuD2O1I
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:59 GMT
etag: W/"5a63830aff49825265e22495b363520f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Qn3LjOHYXIem0rzfIn08_Zbg6Awb3-PkomPjNN6y7Rv0vb0YemnV-Q==

GET
H2 200 af0aa6add0b350681528.chunk.js Show response
dashboard.sezzle.com/customer/ 82 KB
24 KB 47ms
31ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/af0aa6add0b350681528.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

27ed6b06e0cda97d22cbb69ca97150d55f1471e37bc8ef676eec12085b1eeadf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: MSRnwVn6fYJyPh9qA323TSw0jI31b6Ng
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"679b9f3f30fc7f3f53d4ee3a36c0e99d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: w_mPTzj-AJXmYQq-BoAFmiV6iCA0aluqim0MkGYFiFtkw8ah-4Kt1g==

GET
H2 200 0c2dca37325d4db72119.chunk.js Show response
dashboard.sezzle.com/customer/ 28 KB
12 KB 51ms
34ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0c2dca37325d4db72119.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d9d56505a77ca07e02c200a48794653355e4af338f226fb63ec74fbd2bb97301

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Kf0gUX_X2u_R2L7yIYUIEh.O3vOjFrvJ
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 683
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"2b4805e641269469a8ce971c236c3fe4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: le8WXOJtG8NjE_ao7CE9V221LADlKb5wuwIzKnBhZrL37FqVSg9CoA==

GET
H2 200 7fe40c09ac89fcc85e36.chunk.js Show response
dashboard.sezzle.com/customer/ 66 KB
18 KB 52ms
35ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7fe40c09ac89fcc85e36.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

87edf9a6f6a7fa420f950f88deea97be968484bbf0816a761a8abc4745ea0e61

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: whPjkdgLxZZCCiP4KyC2maLBC8L8O63W
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:53 GMT
etag: W/"99c130fea2e602895e7303d827b37c7d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: TsVwrEk1JxaT6751G-SVYeUBHj56k3TDa3ki_8dyFFST0nKahDnPdQ==

GET
H2 200 14682bb3c63cae512aec.chunk.js Show response
dashboard.sezzle.com/customer/ 98 KB
25 KB 57ms
40ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/14682bb3c63cae512aec.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

68f77d9099488ee3f6a627e16f33e6180039b6ddc9e6726e1c90d7b5f6a89727

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Tx3blIEaN1jNTRNyGlg2JwMFAgdLBMI5
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:44 GMT
etag: W/"7b5082049447324416162932d5d6dda6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: gDxs_85HIFznBsbWKZq646aERQySN01A3UAg4Ec9L2FakANrZ4YR_w==

GET
H2 200 73d7c6f15610b6829fb9.chunk.js Show response
dashboard.sezzle.com/customer/ 31 KB
9 KB 55ms
39ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/73d7c6f15610b6829fb9.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8de562b8134efb6c85c9279284b0646a41ad86a85c24adb60a1a124cd3fee817

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: tS4gX2b9X5pedNX73b_mnUWC1z9m.mE1
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 683
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:52 GMT
etag: W/"50273aac379531a93c7ce3fbf2a5e8b2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Ao4oUKbyWev-LwKUGa5OsSAs0xsaDb2aXL3NvhFk4Oq7uup_w8in2A==

GET
H2 200 5943a84241d36f5283e3.chunk.js Show response
dashboard.sezzle.com/customer/ 8 KB
5 KB 53ms
36ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5943a84241d36f5283e3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

80080ae17ff6ba3e611117777b04fdbf6ab92724cd06e39ce2992c5d3f2fad8e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: hqlaWGVFmA91i9TPnamsengDs6A3GjNN
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:39 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 309
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:50 GMT
etag: W/"7afd64d55e756f9f84d4e826f85e332f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: xyh6R0kUIeBHHdlzcfrkqvhaZvuwxZgJhlJlqdK8rcvgFTiSGRYktw==

GET
H2 200 dbbca07b740328687038.chunk.js Show response
dashboard.sezzle.com/customer/ 29 KB
9 KB 54ms
37ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dbbca07b740328687038.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

79950339dfc483abfcf10045c47ec407b588491a997be78515a7bcc6e8969994

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: JhLWay2fEtMXoyqYye1fZLXiBSMdzSQf
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"00cc70c8106267308441dc21cca8f5df"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: jhGwU3YnywjvMcnCyhsDdHalSju54m87JXuhkG_OqQf0WNO7AZWEug==

GET
H2 200 63e0333b9dc0a8e6a695.chunk.js Show response
dashboard.sezzle.com/customer/ 13 KB
7 KB 57ms
41ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/63e0333b9dc0a8e6a695.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

896ef30554316fc11a17a5b7a1cf6b51b35ea78ee16caa14908f3738069a5e27

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Bp7YGLhgr5zWrqV.oesyp_HFe93pEjiZ
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:51 GMT
etag: W/"94b8aa4d5eaeca503d2406a12b27c8b9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: IUTN4ENdnphOfUfV7eOiMdFFLc3IWZa-I4Sgbs3PXq1Zjzq_Zllw6w==

GET
H2 200 ac0d88db9f5860b36dd1.chunk.js Show response
dashboard.sezzle.com/customer/ 15 KB
7 KB 58ms
42ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ac0d88db9f5860b36dd1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

93119dcb47164a2ee44504fdc8fb5f7c1008fbf6bbe8d9391766f00a553e3dbc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 43m0K5FaQ20_ZrM4osI____j3ytzTOmM
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"d9fb646a26ea3f812c8ae33306aa58bf"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: btXV2HEblJR_bZtbjO9S3T7oG88wnj8TvyLs0LhLAD2sDbcJWXFoUA==

GET
H2 200 dc3dc215898641ae2e6b.chunk.js Show response
dashboard.sezzle.com/customer/ 45 KB
14 KB 59ms
43ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/dc3dc215898641ae2e6b.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

13a4965268e155d384d61a2dfd9f3103e4f8d16f278a3995182582888fa9442f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Ekqz3hQf7_HAzPX8IXR4XQYhL0IOaxHd
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"81220b05ccc4a4537c7509993826ab93"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: vqRHurx7dwX2g3rVirSoYu8g8NmacDNB5bJHZIZt6IFmz0F58ViTlw==

GET
H2 200 baaf50b7a8ba1d3080de.chunk.js Show response
dashboard.sezzle.com/customer/ 70 KB
18 KB 60ms
45ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/baaf50b7a8ba1d3080de.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b61adc5bab4dab58be639408d13602428f5a0fb47389abec2763bf89953c7f11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 2.1RnWEs3TferJ0Hq_idC_tN2lHXWHjt
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"6b95795b33ecee667622b8db91f799bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: zvm13XnF2H10yeAX9eqo9Nux9U6DUBB2NXAzKvQlLXYdqfY81kgLPw==

GET
H2 200 8811832d6a39201bc198.chunk.js Show response
dashboard.sezzle.com/customer/ 34 KB
11 KB 61ms
46ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8811832d6a39201bc198.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

473c4125036bc972f2b7bb44ba1c2e60d33d833e65a5df955c42986605433e11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 9JpYQrQFUpNBodD.RGxmuZHopSTG_1c1
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"8532dae589e0062d54722f12788567df"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: OQeC5Uw5cPqse5Yc9JAI_EdUp0HnNEvJp27WLLP1OyjUCEOmUSWw9g==

GET
H2 200 4760ba3062e72a347205.chunk.js Show response
dashboard.sezzle.com/customer/ 83 KB
26 KB 72ms
57ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4760ba3062e72a347205.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0af30bed965fb5937a986433a2bb22744df26f072898c2b5bd49a8cb916b2478

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: vtgchO8YtPyPKr1hCWTKT3BF16PjtWR2
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:39 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 309
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:49 GMT
etag: W/"6ab70cdbfde88dd540bfa9ba35d3883b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: fgFslycklDNTKcZY8SZpirtGCRMzTpnznJMqGxPiRnu7D6HXliz0Rg==

GET
H2 200 4264c93c1d764c35847d.chunk.js Show response
dashboard.sezzle.com/customer/ 55 KB
15 KB 62ms
47ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4264c93c1d764c35847d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

12a62e57b0cd57becab5d7492e33f8d8a82598b59f025b9b68266ef11cec6f97

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: kGxH4wqdMLa1GlMRLybf70U5GyUR51s7
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:48 GMT
etag: W/"946eabe1b83c419aa159e09dee849098"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: g0IshiwvSIu2VcWfeb0pr1QxroB_RuSgk4Yc5yHWBgkFjpMPy-8pNg==

GET
H2 200 9af3ea3a2e52bd2f9436.chunk.js Show response
dashboard.sezzle.com/customer/ 61 KB
17 KB 63ms
49ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9af3ea3a2e52bd2f9436.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b4bc9b9959b6e88fae373fb381b1e80cc2e59189a828e40ccc9d2e2372e768ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: w4ojeYLtLeXNabU6g497hdRrVc9l2wcc
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"fa21e16e6d0ecc8feecd0e90f9aeb1f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: mNz5tRk_SltI1WQURQU1n1Rdiy_CllDVou_OxUJuIHJsZ-JIxA3TIg==

GET
H2 200 9e95813fcc803f7dd100.chunk.js Show response
dashboard.sezzle.com/customer/ 34 KB
12 KB 66ms
52ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9e95813fcc803f7dd100.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0cea976a98f3aef8dea3aeb95cba0fb55975d754ba9fa137ef0df4bb4a8abd16

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NoWl8EqmcZCedsgMIFvk26NIhDEJx8_O
content-encoding: gzip
date: Tue, 05 Mar 2024 22:49:34 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 39
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"93da41a7ead7b2c164de7714ef883f32"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: _DPFKmfo_-Yj90wizWHhgGBOwwvsD2Bc-le5Gs-kxUo6rh2BvAFi8Q==

GET
H2 200 9fad61294dfc4b014954.chunk.js Show response
dashboard.sezzle.com/customer/ 125 KB
26 KB 64ms
50ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9fad61294dfc4b014954.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5c7b2daccaa86ff27c8f6cf5f9065e7ea889bf81974788d33ae7f374e76af5fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 88wE0NMSXKPMJTjaEcnulkdqWcBgqdwG
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:37 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 323
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"c0722330d9de84481cc7fc45b1e7e7af"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: gk5s97Cokiw0WZsNFCdG8uk8QYMyWSqfnKVy4Gr9ucj7p2nEe2kPYA==

GET
H2 200 0f78ee11190a03ce4b99.chunk.js Show response
dashboard.sezzle.com/customer/ 7 KB
4 KB 68ms
54ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0f78ee11190a03ce4b99.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

02acb3a931a490a38b431acac3b5142d9a4cb329f56a1e8cbf958ea343f9d710

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: lDwx20hLtug6rwN2aQCBEsob_l4GYaVN
content-encoding: gzip
date: Tue, 05 Mar 2024 22:49:34 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 14
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"bc88c4a7c35173e0414d71f029728ce6"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: PTATVhVxfysf4VOcaP8-QqOlFLa8UJbfnsR-NrDOQajhTBpaFvxhwg==

GET
H2 200 0d01b350befed2dee3f1.chunk.js Show response
dashboard.sezzle.com/customer/ 80 KB
25 KB 69ms
56ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0d01b350befed2dee3f1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3dec5801deb5afcfbba10143e916dbe8dc3ab43cfd66b5959b3438bff79b362e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: pxCCYtX4kAy_jNNV1YnokoZ8poQbcmPN
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"0b0b2ae62cb4b9f72ca5dc04f809b59d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: SJEmYGvrB-o97b4Dtg1thMvAYBPLecnXZEKn63L9F5rLI07HDFmRLQ==

GET
H2 200 05da821c9ba3ec0d7c1e.chunk.js Show response
dashboard.sezzle.com/customer/ 18 KB
7 KB 68ms
55ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/05da821c9ba3ec0d7c1e.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2e9fdf41e927632e9a3e0ed78fc3d2f738985588dedf5100a451a37cbc79427f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NQB5tfXT5xgLmsvoXxXW8iPBxN6ae2QR
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"30e7f7ece348be6938edfe20c6df12f3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 15YpUApAi1u1-nz9JFj5VLnNxp9sPjQu4L38f2o_GdCAXLcHvrhibw==

GET
H2 200 42ada3b08d4f6c6a7f37.chunk.js Show response
dashboard.sezzle.com/customer/ 10 KB
5 KB 74ms
61ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/42ada3b08d4f6c6a7f37.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

71816d19f3c78f7daf80b4896a0338a8568e76e3bc4efd7e67256cc1abf8fedb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: C104Ze6IlBTc6B1352DC0LxPX_JaVm9W
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:48 GMT
etag: W/"7be3163fcfc5f49264bd21cd87ca85f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ODs1jjUD6p2R26wt2pBaqHCwxt3zBDTeCeICmYeDqSM3iubMxmo-eA==

GET
H2 200 8234e2dfceaefe948816.chunk.js Show response
dashboard.sezzle.com/customer/ 60 KB
19 KB 76ms
64ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8234e2dfceaefe948816.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

49ea5f70b0d2a274bc5c16aa28860db756a41ae130db094219553e1202c49461

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: BYCpzCbjQogrMGt_TMWhuKgxXqfn0r3L
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:37 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 323
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"9995876740897ca69bdaf3998e18ecfb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 3MFPrxB0ELqeQVfEkXXUEm4Gm_-xOq2SX72v7pL3FxJxzzPL-p06BQ==

GET
H2 200 a097f2bf8c32774866df.chunk.js Show response
dashboard.sezzle.com/customer/ 22 KB
8 KB 75ms
62ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a097f2bf8c32774866df.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e79f7087c53ff40bc1a8f34f441ef05a89ae2d1934d7c869de6062c9a09c41b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Hm4ziPBwC_WshDoAfiQMwUK4ILgHDYn1
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"0582207d101fe45fd5cd1b2f606dd4b4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: x1Rr7HXYjHVMFgYyFX9_ZZaKa96wvHy4IziOsaT6ARJMz6UB1Ws39w==

GET
H2 200 0ad1d63460eb19a7c5a3.chunk.js Show response
dashboard.sezzle.com/customer/ 54 KB
17 KB 77ms
65ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0ad1d63460eb19a7c5a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6ade13e50ff336593cdc7ec2833222c9cbbb0277d5ad527f46d55eb4b69b379e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: qQEmGVwehDQZIPhfMRMrwUfUSNFmyMmn
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:40 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 308
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:42 GMT
etag: W/"1306b39bf6d597d45eb91214e2cbc06a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: lWjjGSePwgyGXfn1ed-oIad3Cd5f6ebkNwtyC3O5X-RjPfF_cZAdNw==

GET
H2 200 8b3f28626d87a6d8fc98.chunk.js Show response
dashboard.sezzle.com/customer/ 40 KB
13 KB 78ms
66ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8b3f28626d87a6d8fc98.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a2ff4f71b15a913185bb1d68d27207208e1b702db5280a9c2ea61b3fc3ec0a0c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: RSScFWM2IgJzw_toAmiNymdRJLZyASXt
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"85f7632c57d14cbed4e45301541c446e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: qk2n7_wV3D2KwNevtGoxkhf7GmjnDJ0g2yDur8BFf4IbH1cvXe98Rw==

GET
H2 200 4508149fd282227b8d0f.chunk.js Show response
dashboard.sezzle.com/customer/ 14 KB
7 KB 79ms
67ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4508149fd282227b8d0f.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

06abef871ccd877aa811df66b404dc3b03b6190eeaedc9fbea871bc76c8ca708

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 0GQbNdb5EZPdKwxpoQUHZCJ9bV31R_U2
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 683
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:48 GMT
etag: W/"4c38c79f6cc85bb700ad43683654b0ed"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: wDRsGFT45bVbyhTCU9GMuo1YJq17qPikCPVDJ-O8x1B091FvTbSRYQ==

GET
H2 200 1e0354ed0e1495a1a3f4.chunk.js Show response
dashboard.sezzle.com/customer/ 10 KB
4 KB 80ms
69ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1e0354ed0e1495a1a3f4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e442c5058403b935e24972da32cde71cd51c6c28b7d1f8d2e178cbe60b1461ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: sHpjhu7Nk9070BZcNTCsqCOjpnpmo7WU
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:37 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 311
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:45 GMT
etag: W/"521cbe9eac2e45d8de17e554fb840410"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: K0bEma_ydcNNK82JAkpcLlkvsEVy7EFhG3X8kF_zncnAmziSpWDbKg==

GET
H2 200 a98d1424cac4789c93a2.chunk.js Show response
dashboard.sezzle.com/customer/ 87 KB
29 KB 82ms
71ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a98d1424cac4789c93a2.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

717112af25d13661b3aa7c132f2808df5b79927791276649129fb557d4b299c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: NKMHD8kIJsp6MVuW.DNARqHjQwR5rENU
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"3c5fa4a65b1a4a1c4d5275a90f9d972b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: t9FRUoHcW0SlWtSR3b8gkElaRz-y07Jc2Xh0IgJVt_gWuenZv9VHCQ==

GET
H2 200 824d6f85b144437f289b.chunk.js Show response
dashboard.sezzle.com/customer/ 72 KB
18 KB 80ms
70ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/824d6f85b144437f289b.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

64e789592ed9a2fd71609499e021582a41e5a2c10544ff3f40c55e0ce3f846ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8AMj5t7iClMC4oB_6dFaAFCLoSP.Sl_F
content-encoding: gzip
date: Tue, 05 Mar 2024 22:46:47 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 209
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:54 GMT
etag: W/"b621189e6dfce4848c84529df0509792"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: -oVg0YN7LX7o4Plrcj_6ocTIusrBQpTdBYvahv7dWBzp_KvQCBXuGw==

GET
H2 200 3c36f12b1acc880cd44d.chunk.js Show response
dashboard.sezzle.com/customer/ 13 KB
8 KB 111ms
101ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3c36f12b1acc880cd44d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f4364d871ffc6e52544e17eaf37eded3c321c62179acaabb65d1d3097782aab9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: X4kWn_wYq65USZQoNMA2R1EChEEIuZM2
content-encoding: gzip
date: Tue, 05 Mar 2024 22:46:47 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 209
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"953e37bdb81aae15964dc7cd7ef7a2a1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Y9lH-UcYFLP4h25u-WvEK5jwJQtq0DH_EVdT83AoL-nhNotFxWC1VQ==

GET
H2 200 14be24bccbc068111182.chunk.js Show response
dashboard.sezzle.com/customer/ 24 KB
13 KB 84ms
74ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/14be24bccbc068111182.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f58521a3ba5107dc421bb5750e85070c60ff87a9c32cb071c0d5a6ee0361ed4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: BBJ8wKpHU_D8N3lWL0kq6YwuakLI1tHg
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:44 GMT
etag: W/"5afb904b35314e1b0f4d5778a589feca"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: kwxulWJOxSIoOy3eYOM-b7c-31CjDobywpcde6fWitZ9Nzfv3uGdVQ==

GET
H2 200 970c3dcf7315ee0e2a22.chunk.js Show response
dashboard.sezzle.com/customer/ 20 KB
10 KB 82ms
73ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/970c3dcf7315ee0e2a22.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bc48cf66d534f098289d0c917acc8dd370a84107e8e96f980359e86a9fe0b9a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: i_3GoGRQtfV1rIsSxieFgU_jqqdQx8ky
content-encoding: gzip
date: Tue, 05 Mar 2024 22:46:47 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 248
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"88432e50ac1596330fcad541848c00c7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: i2H1J4gt1ya4umiA6mQKNR0KCzSTso3iLI7pmsDjgJqmqc-TjN4UkQ==

GET
H2 200 3ea20e0fa8f0ae630bff.chunk.js Show response
dashboard.sezzle.com/customer/ 56 KB
19 KB 85ms
75ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3ea20e0fa8f0ae630bff.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d30dd14334b5505abd75350941f566443edda40a1ace1face82891cf74d6497d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: seXX_ACI2SqFlGpuDeKxfeDKzVir45.j
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"e37ff82f842745e5594d275ad1283b1e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: HC9N-z0zGI6u4HgTrbHvAkwRXMVawv3G7FZLW1PX0RVf_F47C1JRkQ==

GET
H2 200 212d8e432ea1d502d8a3.chunk.js Show response
dashboard.sezzle.com/customer/ 32 KB
14 KB 87ms
78ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/212d8e432ea1d502d8a3.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

88d624045b77412faf535f751566e042c499c55e5530b50e1416ee3978c02b52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: OmtCRhjchHp9W4g6xJDTysv3hD39uRnt
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:40 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 308
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:45 GMT
etag: W/"ade10e96d1a6167e9f74b18ab2d1c712"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: EAP9373shl1mldCmasvd0i1UKAtOMv2eszTiDeFrBaPXoZxj_h7xTQ==

GET
H2 200 d3e0b27b541a88b56439.chunk.js Show response
dashboard.sezzle.com/customer/ 56 KB
21 KB 86ms
76ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d3e0b27b541a88b56439.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e2882c75a51f032a909646b655716c9aeca963eaf6e457aa818ba3bf70701c5c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Av1FAuiAUpR2tZBHTHtoY5xCwpBSGnkY
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"7bb185181a0a366cd5aa4141556f4fb2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: NBjaggnMpglrPV02JcftDe3QXDh0K6y830OV1PmRdzMeZzQMpJRkKA==

GET
H2 200 95752ac49145b73483d1.chunk.js Show response
dashboard.sezzle.com/customer/ 39 KB
16 KB 88ms
79ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/95752ac49145b73483d1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4687495d5f949c3dd60763ecbc44bf456f66ba0b056281e09e8f17ff59e38c60

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 9H3cj9RFDKobnsOXgEP2zUjwbJkdHGNj
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"1b9380fc11cfc57a14c8d27b5a8ca2bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: C0KvM3YMXYSFxDxwryq12mtLKrYSiVXXlN596bxDBdj1UIvuNCiSwg==

GET
H2 200 2ab49f425c4ecbd2def0.chunk.js Show response
dashboard.sezzle.com/customer/ 10 KB
6 KB 90ms
82ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/2ab49f425c4ecbd2def0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

610d8e1d8151c6943263693eae2cfd3cdc8d9b812664d404e02d9eebf44c94c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: z2LydNr6MlUPScg9cgY5UoXTMuemZHcj
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:46 GMT
etag: W/"f8a4b3b559a9331ae0e8672086d97d6e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: -VM_2pgiUG17jJC3Ry8yeHOwYOZnvNFhaGT0iqroFdI9RJ1xAvejSg==

GET
H2 200 4aa5798b018517a651a0.chunk.js Show response
dashboard.sezzle.com/customer/ 23 KB
10 KB 89ms
80ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4aa5798b018517a651a0.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a08011e6cd061e441fb1bdb2391e80ec7b4b097df1343bfa535e67c517bdf551

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: CBCVDdWzo2wE752055PV_tCdzuj4fBuI
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:49 GMT
etag: W/"48c14417179070d1f40bb8eb39857b45"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: qc17mrUGWd56F-jaHWlqsHjOsk1xW2mUgIvqtnQoa0RtZmLM8hY4CA==

GET
H2 200 3f4aba9f5964d1741939.chunk.js Show response
dashboard.sezzle.com/customer/ 7 KB
5 KB 92ms
84ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3f4aba9f5964d1741939.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

af85a45aa9c497cbf01823a3daee862d719296be13ece8b840b279fe51282421

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: TCZrJWyqfu7.QZ1vs9Kb_HQuXn4cdR6f
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:47 GMT
etag: W/"852f1eef526d5fedc826fc035b3be58e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: AjREeycDD2pA8vJLLa63v4fn5hVP-VZoo5hj6eATVSkq_8rCML7Eow==

GET
H2 200 e59c6fe11a33b04e5de4.chunk.js Show response
dashboard.sezzle.com/customer/ 8 KB
5 KB 90ms
83ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e59c6fe11a33b04e5de4.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

728e64485a8286649003073c39452a8810e16e1d8586229b38a8667539bc52bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: je8cvYEpIEMhquUHnu7zGL6QQtK2nmM1
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:40 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 308
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:59 GMT
etag: W/"840bb8ebd19dea484d2958c0794a6680"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: wZEBdvKFiKIQjyL3Se1dYT-O3HXTxdAFKWHUI0c55KANpREjFfcabQ==

GET
H2 200 4a0ba63f290972189691.chunk.js Show response
dashboard.sezzle.com/customer/ 24 KB
11 KB 92ms
85ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4a0ba63f290972189691.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

56788096c1fb5930a89f647591c7fa9b796b20a3d1a1a1ffe3a5b28b203f5cee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: lqstLEJQAaPgqviswpynovkrV1EWSjlB
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:49 GMT
etag: W/"2e79e8d8953e45a1a4715699a89c5f67"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: jo4SL2msxwgO12DhBoSc1V3u6FH972i6n2DiQxHeZoT9hkJN8_NVlw==

GET
H2 200 6e31ce2f1fc37086bb29.chunk.js Show response
dashboard.sezzle.com/customer/ 8 KB
5 KB 93ms
86ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6e31ce2f1fc37086bb29.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e073520b685fdc2d8ddf5b03142f7a01706d3f9df6cfe66129d7569a160b8778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Djlv3to_rFF.BN2Wf2FVe.iBJjPd6xRL
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 603
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:52 GMT
etag: W/"9730e1c8997c033ac7f896d4af7c7b7a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: nYaJgoPJmJUVWCrgxUjpcs_sW6i1JkigQ1bFI6Mtwf4P9gUbmP-bLw==

GET
H2 200 c5b620c163f3b359d753.chunk.js Show response
dashboard.sezzle.com/customer/ 5 KB
5 KB 95ms
89ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/c5b620c163f3b359d753.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f48defd2bfb987f2a3acb802df054101893eb04ab9b2f59313967abd9650b0cd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: xVhiCoP20kW_3EHNsgQq0_9O4Qb2VMSB
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:40 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 308
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"7e744e4fd8e8742c31957d5d10e6bb92"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Qxk8AZoS7cRP7QSpSanoQlTkgPyYzs5PS3NeR7RaKF8K-SQP8Pr_Aw==

GET
H2 200 b508ebff5126e8474986.chunk.js Show response
dashboard.sezzle.com/customer/ 5 KB
5 KB 93ms
87ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b508ebff5126e8474986.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fd8ff49f0d1231d3c0622c65c5baa063154f846ad4a6cd1b326027dbdc38972b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: C7offsHQ15vJOwidF4SEdkxMjwNe1DBt
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:37 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 311
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:57 GMT
etag: W/"0f404629773d7dfbc53cb32d8be36160"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: sqFbwK4BDvPn3iQ_QpgK698hi_8Fqu7SWhd9CJ5jJd3kiKHNjO52vA==

GET
H2 200 95d58c447de1b1125092.chunk.js Show response
dashboard.sezzle.com/customer/ 2 KB
3 KB 94ms
88ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/95d58c447de1b1125092.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5329cabb2252bc0d7c965dc32d150acc2c38898bd28d69fa1f77da0a0d926664

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: RF0XIDEtQiDBR6BdefMb5FedIeGcb4S0
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"fbbdf2f0584153948c482292cb788672"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: kAS45eAoKk6nCqk0C9kX99u7z_GitJTa5lI4VtWQD_74ZX9qgM2nlQ==

GET
H2 200 94376e38e631783ec8d6.chunk.js Show response
dashboard.sezzle.com/customer/ 5 KB
4 KB 97ms
91ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/94376e38e631783ec8d6.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e6164bca73fd43eef02c5f6493c42ba694363b56b1f01a67c739eaafe4ea7752

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 0zfOvoalffm5Gu93cvqwcPyibzJiTnl1
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 604
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"e5000863dc7f1cb73321a067312ddbe1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 5XGDbhpbiSbZLyoLgqrVsSYjSDvGtlx3av-e4e0FxSd7ZkNDEUtKTw==

GET
H2 200 8e0a43f0256a3165a631.chunk.js Show response
dashboard.sezzle.com/customer/ 31 KB
13 KB 95ms
90ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8e0a43f0256a3165a631.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ba57e1a023dc2bd8f5c00b7b598abef0a66e2a7e71d16cada63cb0c91aa0b3b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8htcNlTOuL7JWTvs4MkKHM.fx9HkUyaj
content-encoding: gzip
date: Tue, 05 Mar 2024 22:46:47 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 248
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"e0ad4fc8f23377c5c613327173c47c2c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 6Zpyn03v-eF7yDzU6wGr7hccBweKU8pa03ehG026FwBzhwSDhLgpig==

GET
H2 200 ac57f8f9067d4879c0f1.chunk.js Show response
dashboard.sezzle.com/customer/ 7 KB
5 KB 97ms
92ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ac57f8f9067d4879c0f1.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2685c4b455ba0dac720ced0b65525c8610fb9937911f75f2fd02c29c85877e44

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: J9fi.cTYYN2z82kYLChT0Bo2PTCwKUu5
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"629390b82dfe140f74da9e6e1f95a8e5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: Q_qrndPNR6nj1d1h0Fyd3OwQirMm85hSP6jBZpCbUGQ1bZCr01Nv_g==

GET
H2 200 27fb5d991e982837bbb5.chunk.js Show response
dashboard.sezzle.com/customer/ 5 KB
5 KB 98ms
93ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/27fb5d991e982837bbb5.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

331729aa6155f2c5c478d0e84c1586d36f9d07be105b7915122f203456a67508

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: vKV7uaNwLHadECpseAn8jVoi_KCNB7K3
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 603
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:46 GMT
etag: W/"7b955c222395f234a9f383c12f22e377"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: l74WQ9zq1Qts156-1nqqgKRjanJrXZbPQEnP4gRTQwlLA34A8iPdUg==

GET
H2 200 a9d6d3a56f7a41a1ba30.chunk.js Show response
dashboard.sezzle.com/customer/ 75 KB
22 KB 103ms
98ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a9d6d3a56f7a41a1ba30.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d56c4a631835ff8ba3246e75795f021f0d6c9883002429efdb4fafee37b2b134

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: aNgyOjAezw.U6R_NiNIY4dggmpljONui
content-encoding: gzip
date: Tue, 05 Mar 2024 22:41:02 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 682
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"adb74a39527c2a35c5805f63d11a9499"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: l4uJ5qK8fAqdU_NrY8PCnn4yEdu0mpFLeSeUBiSP4qdyFwr4VpCdKA==

GET
H2 200 7a6fdb1ce14b04b2cb7d.chunk.js Show response
dashboard.sezzle.com/customer/ 160 KB
46 KB 98ms
94ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7a6fdb1ce14b04b2cb7d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c834e5a157df7a9e166541d7a9635fcd5aa6a7f813770cf4043dcb64d4d3e086

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: iQq2vAlpLn1EFGqZC3Afe6jaXvXdKrrZ
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:53 GMT
etag: W/"d35a2136a1450561976965fd1330dcd8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: ZwDXILu5X8wizRKMpkca7b493a4O4_vOS2QpzDtWTHpjAmFPMnxU9w==

GET
H2 200 a45c59dc5ba886671582.chunk.js Show response
dashboard.sezzle.com/customer/ 53 KB
24 KB 100ms
96ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a45c59dc5ba886671582.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6a4a5705d023378c533c36e7aaacb593ad907032e01f6f3b158774706ce108fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: Rp1UxVP.LoEwZveGh7SMxK2f3wK3pu31
content-encoding: gzip
date: Tue, 05 Mar 2024 22:35:10 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 881
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"8fb1fea3a59a8c77a58813efb51699dc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: _gUdxZS4INvn6laSVdevGMWW5DrAGxCDC7y61NNN3TmCrWjQAzO7-A==

GET
H2 200 d06a69625cde48cfb5ea.chunk.js Show response
dashboard.sezzle.com/customer/ 30 KB
13 KB 101ms
97ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d06a69625cde48cfb5ea.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

42d7398b0280a9a292a781882939e8323f2fe5978f3612ce02ff974dd54b67d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: 8y4.x6NoSTj7W7GaiU7ENsfHFyrdTxT1
content-encoding: gzip
date: Tue, 05 Mar 2024 22:46:47 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 248
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:58 GMT
etag: W/"8331bcefbb87bd895dc3d8e2ac202d8e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: sHaB5vCeT_R7cCH825dkkDs8QbzfAIXY5UOvUqn0Z8lc6_gHWmRtQQ==

GET
H2 200 917019a0d5c385f61289.chunk.js Show response
dashboard.sezzle.com/customer/ 9 KB
6 KB 105ms
102ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/917019a0d5c385f61289.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f497db96b89fee7a651332b6134a8cbd2e664c4d72e9580fd11906595be6178c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: BdSjTah1zF9m4KBoOPT8nwGlybqGqyQN
content-encoding: gzip
date: Tue, 05 Mar 2024 22:47:33 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 135
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:55 GMT
etag: W/"d3af360547cac6e490a6051af4419e9e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: U6_rzW6-6-o5EhAl14NGprVzyTegjGf6xGza52HX9DwKlFmvZkEURg==

GET
H2 200 ae9aa0023644c0c6bd7d.chunk.js Show response
dashboard.sezzle.com/customer/ 452 B
3 KB 41ms
40ms Script
application/javascript 2600:9000:24f2:200:5:2c64:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ae9aa0023644c0c6bd7d.chunk.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/37ce4942e883c62e7aa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f2:200:5:2c64:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c9915b26519cb05760f5342fe00cd0e5084fa5bb74da7f23babf9959761b73d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com *.apple.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com *.rokt.com *.appsflyer.com bat.bing.com ws.zoominfo.com *.iesnare.com *.smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net *.cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com *.iesnare.com *.zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com *.google.ca *.apple.com *.gstatic.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com *.ctfassets.net t.co analytics.twitter.com *.ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io *.ojrq.net braze-images.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com *.cdnfonts.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.smooch.io *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com *.iesnare.com wss://*.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.mathtag.com *.rokt.com *.appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com *.bestbuy.com bestbuy.com *.countrystampede.com countrystampede.com *.tailorbrands.com tailorbrands.com *.academy.com *.spartan.com spartan.com;
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-amz-version-id: fkdcjEj5FEi8izhjHTOvZlzlslQQO1ZQ
content-encoding: gzip
date: Tue, 05 Mar 2024 22:44:41 GMT
via: 1.1 2b3c18475b2db8cebe637fe45982c61a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
x-amz-server-side-encryption: AES256
age: 308
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block;
x-sezzleinc-test: test header
referrer-policy: strict-origin
last-modified: Wed, 28 Feb 2024 20:45:56 GMT
etag: W/"51d3d543819542bc182233d9d721c530"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 7X9PGoTCUptFLn_z0d2vXZNJj-vumLDu57rSZxbvItjmGump9EPUiw==

GET
H2 200 Sezzle_Logo_FullColor_WhiteWM.svg
media.sezzle.com/branding/2.0/ 6 KB
3 KB 40ms
40ms Image
image/svg+xml 2600:9000:2479:3c00:1a:9a9d:1e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sezzle.com/branding/2.0/Sezzle_Logo_FullColor_WhiteWM.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2479:3c00:1a:9a9d:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ecb150c6330eec924c4ae2143b3d45606cd7355214c53c22a7a6810bedd8b239

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 09:44:42 GMT
content-encoding: gzip
via: 1.1 c8621b8fc24efa8fdb4d4763ad6a7e38.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P3
age: 47114
x-cache: Hit from cloudfront
last-modified: Tue, 11 Feb 2020 17:10:33 GMT
server
etag: W/"0fb7c8e946de60d298e697e3143a598e"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding
x-amz-cf-id: OjcI7DEiY5NDXML9Nn2uGnZwCuoryQ_4rmOCzbA5Kx7et54Zuj5Wzw==

POST
H2 200 gt Show response
api.sezzle.com/v1/accertify/browser/beacon/ Frame 6E29 39 B
1013 B 118ms
118ms XHR
text/plain 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/accertify/browser/beacon/gt?c=gLaZegefMpAvkrns_6KD2oLP8FU

Requested by

Host: api.sezzle.com
URL: https://api.sezzle.com/v1/accertify/browser/beacon/bf/bf.html?v=202302_01

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

7c715126c46071692e05e60f3b847313bb9d9b50e8eb12e559351d48b97fb1ed

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://api.sezzle.com/v1/accertify/browser/beacon/bf/bf.html?v=202302_01
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 22:49:49 GMT
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
x-amz-cf-pop: HIO50-C1
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: text/plain;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 39
x-amz-cf-id: YnyU8l__MbnX4Bsnr_PH2qWHAZenVhIfsMcrUzRc9me3FnbBq1FtOQ==
x-xss-protection: 1; mode=block;
expires: 0

OPTIONS
H2 204 create-event
api.sezzle.com/v1/event/ Frame 0
0 96ms
95ms Preflight 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Authorization,Content-Type,Access-Control-Allow-Credentials,X-Sezzleinc-Trk-Id,X-Sezzleinc-Client,*
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
date: Tue, 05 Mar 2024 22:49:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

PUT
H2 204 create-event Show response
api.sezzle.com/v1/event/ 0
795 B 117ms
117ms XHR
text/plain 44.240.237.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.237.16 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-237-16.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 22:49:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block;

GET
H2 200 ipdetails Show response
geoip.sezzle.com/v1/geoip/ 239 B
1 KB 330ms
98ms XHR
application/json 44.239.107.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://geoip.sezzle.com/v1/geoip/ipdetails

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.239.107.15 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-107-15.us-west-2.compute.amazonaws.com

Software

Resource Hash

d885f662a01ef85037e7a902a2b82c55641947a042ec20ba3a026ed5e6577e72

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src * ; frame-ancestors *.sezzle.com
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
content-length: 239
x-xss-protection: 1; mode=block;

POST
H2 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
82 B 798ms
173ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=13FHV&UserId=fa8b3979-1c63-46f1-8b25-3c80d599f6c9&SessionId=69b5ea21-b809-45f3-9a41-034996e4e5d6&PageId=f14a4273-3ec7-4081-be79-4f6d6ed0d530&Seq=1&ClientTime=1709678989322&PageStart=1709678988288&PrevBundleTime=0&LastActivity=512&IsNewSession=true
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 5ea9b54de07c32046f211311906ad246a823f6cd0bb7f46ed0231d4f50e34ab2

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://dashboard.sezzle.com
date: Tue, 05 Mar 2024 22:49:50 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

POST
H2 200 pv
sezzle.zendesk.com/frontendevents/ Frame ED12 0
0 113ms
113ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4793dd1.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 22:49:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJfAd00kVPsj0Ly9G7Gff31UTT1SKxwrfgPKfrWZspVx9zmkkRkNdOhwvkkQPiUqIDtb05imOzDj35xAysuAXdNc6w%2Ba4K2J8IJTf1NZEJDlGPlGeWV3atUbbRwsrOCpOT4kng%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 85fda954cf58a1ff-YYZ
content-length: 0
x-request-id: 85fda954cf58a1ff-YYZ

OPTIONS
H2 204 pv
sezzle.zendesk.com/frontendevents/ Frame 0
0 118ms
117ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 85fda9540e20a1ff-YYZ
date: Tue, 05 Mar 2024 22:49:49 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJeHsY%2BgrjE3%2Fsp32V3yNEeFzT5S%2BEOJaAObj5FDYTITo74izmLy25uS4mb6QNDEn78UcGoT8gpD2XZbR5xTg3FF3RLtcQcNpmVO9pv%2FF8oB06VUMkM3c7JUVDFVkrkFwrZwYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 85fda9540e20a1ff-YYZ
x-zendesk-zorg: yes

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 57ms
57ms Script
text/javascript 2607:f8b0:4004:c07::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/27fb5d991e982837bbb5.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

906ae1d4cb195d4a42184f1adf9874f3b04934ce724e6d9fd900010b2b7f15eb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 22:49:49 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ 492 KB
196 KB 113ms
35ms Script
text/javascript 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:03:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199830
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 15:03:29 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame FAB7 45 KB
28 KB 66ms
66ms Document
text/html 2607:f8b0:4004:c07::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=en&type=image&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=invisible&badge=bottomleft&cb=htxoicci491w

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/1a256f2d971cdf513dde.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e588663bb4f4ca805ca6ade0265f3e4e79f939d1b6d11df9353bb8c6bd50258e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-twvrNWLl4yYzDgT5VdiHMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dashboard.sezzle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-twvrNWLl4yYzDgT5VdiHMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 22:49:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 US.svg
media.sezzle.com/style-guide/flags/4x3/ 4 KB
1 KB 43ms
42ms Image
image/svg+xml 2600:9000:2479:3c00:1a:9a9d:1e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sezzle.com/style-guide/flags/4x3/US.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2479:3c00:1a:9a9d:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 07:12:35 GMT
content-encoding: gzip
via: 1.1 c8621b8fc24efa8fdb4d4763ad6a7e38.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P3
age: 56235
x-cache: Hit from cloudfront
last-modified: Mon, 25 Oct 2021 18:50:36 GMT
server
etag: W/"ae65659236a7e348402799477237e6fa"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding
x-amz-cf-id: VrhSHPqFw-7N5ixssY_UCfaMynYNs7oeijsTvX1qfHcgFzqIFxs_Rw==

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21da150e778cbee434f52bb5821b733763959c6f7626192162cb6fb9c9164dab

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pro-fa-duotone-900-17.woff2
ka-p.fontawesome.com/releases/v6.5.1/webfonts/ 10 KB
10 KB 58ms
57ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/webfonts/pro-fa-duotone-900-17.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f764571417fe58ecc73b9f4af51a5f12c3be03f3c8dfa22b923d00691f1e313

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:49 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:53:29 GMT
server: cloudflare
age: 4547136
etag: "6568cc19-2964"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85fda9569f737288-EWR
content-length: 10596

GET
H3 200 Satoshi-Medium.woff
fonts.cdnfonts.com/s/85546/ 30 KB
31 KB 59ms
58ms Font
font/woff 2606:4700:e2::ac40:8416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/85546/Satoshi-Medium.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/satoshi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d658396bf8d79e6ddb9e73232a32101d804442d49db20d04f81fb10cfdf2bed

Request headers

Referer: https://fonts.cdnfonts.com/css/satoshi
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8246148
alt-svc: h3=":443"; ma=86400
content-length: 31024
last-modified: Thu, 21 Jul 2022 09:05:41 GMT
server: cloudflare
etag: "7930-5e44d059ed553"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSVGEwYBqor8hl57s8ddi3UzYuU9%2BjibQk3ncCSHY7ANL1MoLooSkpAcYvVePhOI3WvwVPWEMwXpmTm%2BjGF1Cc8uALf81EJuR0%2Fa5Ob%2FJr5ebmHIF6xmg5uB%2Bac43Tx2FGnXXKsYe47%2Bb3jH6lRspfc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85fda9569f4319ef-EWR

GET
H3 200 Satoshi-Bold.woff
fonts.cdnfonts.com/s/85546/ 30 KB
30 KB 105ms
104ms Font
font/woff 2606:4700:e2::ac40:8416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/85546/Satoshi-Bold.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/satoshi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8416 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 792db0323d321c394ef17d32c17f750f09917310f05a7796ef9639556c3db984

Request headers

Referer: https://fonts.cdnfonts.com/css/satoshi
Origin: https://dashboard.sezzle.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 716456
alt-svc: h3=":443"; ma=86400
content-length: 30668
last-modified: Thu, 21 Jul 2022 09:05:41 GMT
server: cloudflare
etag: "77cc-5e44d05a5a76f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aj4Mxd9u4mneKargyetYNWwAh8E%2F4O7IEkin0%2BJhc6G9KKv0c%2B0%2FNcMZxQE3Il5CgqWloxmSTlabwNWpjGaXM1lShMsirmYMl%2F%2F8iG4Z1PpdDx%2BAiBS0TCC2HysMgl2mdX3F0JuRaZGB%2Fr3J87Q1zwk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 85fda9569f4419ef-EWR

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame FAB7 55 KB
24 KB 114ms
38ms Stylesheet
text/css 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=en&type=image&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=invisible&badge=bottomleft&cb=htxoicci491w

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 20:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 20:50:32 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame FAB7 492 KB
195 KB 128ms
52ms Script
text/javascript 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:03:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199830
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 15:03:29 GMT

GET
H3 200 IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response
www.google.com/js/bg/ Frame FAB7 17 KB
7 KB 39ms
38ms Script
text/javascript 2607:f8b0:4004:c07::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=en&type=image&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=invisible&badge=bottomleft&cb=htxoicci491w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 16:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6933
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 16:28:51 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame FAB7 2 KB
2 KB 39ms
39ms Image
image/png 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 19:32:39 GMT
x-content-type-options: nosniff
age: 11831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 12 Mar 2024 19:32:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FAB7 15 KB
16 KB 107ms
33ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:28:07 GMT
x-content-type-options: nosniff
age: 112903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 15:28:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FAB7 15 KB
15 KB 115ms
41ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 22:45:55 GMT
x-content-type-options: nosniff
age: 432235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 22:45:55 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame FAB7 102 B
135 B 56ms
55ms Other
text/javascript 2607:f8b0:4004:c07::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c8decb7c7d17d6353f74d740f2afba7886d2c53e0b3d10a44ae1ad7738316ff9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf&co=aHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbTo0NDM.&hl=en&type=image&v=vj7hFxe2iNgbe-u95xTozOXW&theme=light&size=invisible&badge=bottomleft&cb=htxoicci491w
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 22:49:50 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 74E0 7 KB
1 KB 56ms
55ms Document
text/html 2607:f8b0:4004:c07::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

488082155fbce32e9abbd97cfa61252a9549c9c5561e9eb6de3f85c35d11839e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZV7M4Y_P9Uw94JJJrkyMhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dashboard.sezzle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ZV7M4Y_P9Uw94JJJrkyMhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 22:49:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 74E0 55 KB
24 KB 41ms
40ms Stylesheet
text/css 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 20:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 20:50:32 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 74E0 492 KB
195 KB 42ms
42ms Script
text/javascript 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:03:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 199830
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 03:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 15:03:29 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 74E0 21 KB
15 KB 88ms
87ms XHR
application/json 2607:f8b0:4004:c07::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5a19e7f796f7813e23822f0519284ab2f76604263fd51c171b7d17cef7ade302

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 05 Mar 2024 22:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 22:49:50 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 74E0 600 B
624 B 36ms
36ms Image
image/png 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 02:19:35 GMT
x-content-type-options: nosniff
age: 592215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 06 Mar 2024 02:19:35 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 74E0 530 B
554 B 37ms
35ms Image
image/png 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 01:49:02 GMT
x-content-type-options: nosniff
age: 421248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 08 Mar 2024 01:49:02 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 74E0 665 B
689 B 37ms
36ms Image
image/png 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 21:46:01 GMT
x-content-type-options: nosniff
age: 3829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 12 Mar 2024 21:46:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 74E0 15 KB
15 KB 35ms
34ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:28:07 GMT
x-content-type-options: nosniff
age: 112903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 15:28:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 74E0 15 KB
15 KB 41ms
40ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 15:29:42 GMT
x-content-type-options: nosniff
age: 112808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 15:29:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 74E0 15 KB
15 KB 48ms
48ms Font
font/woff2 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 22:45:55 GMT
x-content-type-options: nosniff
age: 432235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Feb 2025 22:45:55 GMT

GET
H3 200 IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js Show response
www.google.com/js/bg/ Frame 74E0 17 KB
7 KB 35ms
35ms Script
text/javascript 2607:f8b0:4004:c07::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/IDLZ5bdCrEGdGR5FKKZfiIWvV7rMSlbAHUEzxUIOBQg.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 16:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6933
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 16:28:51 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 74E0 29 KB
29 KB 54ms
54ms Image
image/jpeg 2607:f8b0:4004:c07::6a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA42BzF9kAQuE1ZF8jJyF5n65NjI_oxy73FEkXcLnIC6SLqlAiglS_q3yLDZQzmwKaZpQhPsctz5-f4-QjTLc1b8XA9OzIrC0cAQbEICFzn0H_nA8HoLy71FoRHL8YzhCYmVnNLTKlsWkF7XErLXqutX-dZH2jEpnJSHt1lqFMzPw8d13TUy2PBv5c3QwQP8dd0dOm2btACR-KVo1WapYccR5k9uSA&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee643b3005e36afe675b027db3547d3b83aaf8bb755176a6a5a43a31569d45a6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=vj7hFxe2iNgbe-u95xTozOXW&k=6LcJTPQfAAAAABxv6cKDIWXxjNI8L_9aU82tXOHf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 22:49:50 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 05 Mar 2024 22:49:50 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 44ms
43ms Ping
text/plain 2607:f8b0:4004:c09::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=45je42t1v886187776za200&_p=1709678986205&gcd=13l3l3l3l1&npa=0&dma=0&cid=235725959.1709678987&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EEA&sid=1709678987&sct=1&seg=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Forders&dt=Sezzle%20Customer%20Dashboard&_s=4&tfd=7013
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 22:49:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 63ms
63ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=13FHV&UserId=fa8b3979-1c63-46f1-8b25-3c80d599f6c9&SessionId=69b5ea21-b809-45f3-9a41-034996e4e5d6&PageId=f14a4273-3ec7-4081-be79-4f6d6ed0d530&Seq=2&ClientTime=1709678993307&PageStart=1709678988288&PrevBundleTime=1709678989399&LastActivity=4507&IsNewSession=true
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 433a5cd0ca43ea85a90db247ac6f0d2f349fcadb7f08cda795b90a36e532dcdb

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://dashboard.sezzle.com
date: Tue, 05 Mar 2024 22:49:53 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 42ms
41ms Ping
text/plain 2607:f8b0:4004:c17::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FB5QYFCQBC&gtm=45je42t1v874508995za200&_p=1709678986205&gcd=13l3l3l3l1&npa=0&dma=0&_fid=cNfwkfbb6Nw-gdSjoVsv-3&cid=235725959.1709678987&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1709678987&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Forders&dt=Sezzle%20Customer%20Dashboard&en=web_dsh_refresh_token_login_failure&_ee=1&ep.origin=firebase&ep.metrics=%5Bobject%20Object%5D&ep.szl_trk_ver=v1&ep.locale=en-US&_et=691&tfd=8122
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c17::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 22:49:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 23:13:50	Name: _GRECAPTCHA Value: 09AOiBZIASQGWkFJ44p92HKbTX2rVIkyjL56LcM7gDQpYLCeI4_bsDA8bvIaRhFRUVDagGGMOEsrueAa8_kDSzUkU
.sezzle.com/	1970-01-21 04:30:38	Name: trk_id Value: 66971d9b-6884-45a9-98c9-f089ce52d1a3
.dashboard.sezzle.com/	1970-01-21 03:40:14	Name: szl_wpe_sid_lt Value: faf750d1-8bf5-459d-87ab-791b050a0de4
.dashboard.sezzle.com/	1970-01-20 18:56:05	Name: szl_wpe_fs_rand Value: 0.6018367584494775
.sezzle.com/	1970-01-20 21:04:14	Name: _gcl_au Value: 1.1.1822820384.1709678987
.sezzle.com/	1970-01-20 18:54:43	Name: szl_wpe_sid Value: 70faf7e8-c41f-49b0-8fa0-ffaac7eeba3f
.sezzle.com/	1970-01-20 18:56:05	Name: _gid Value: GA1.2.675214606.1709678987
.sezzle.com/	1970-01-20 18:54:39	Name: _gat_UA-72079130-32 Value: 1
.sezzle.com/	1970-01-21 04:30:38	Name: _ga Value: GA1.1.235725959.1709678987
.sezzle.com/	1970-01-20 18:54:40	Name: fs_lua Value: 1.1709678988285
.sezzle.com/	1970-01-21 03:40:14	Name: fs_uid Value: #13FHV#fa8b3979-1c63-46f1-8b25-3c80d599f6c9:69b5ea21-b809-45f3-9a41-034996e4e5d6:1709678988285::1#/1741214987
.sezzle.com/	1970-01-21 04:30:38	Name: _ga_FB5QYFCQBC Value: GS1.1.1709678987.1.0.1709678988.0.0.0
.sezzle.com/	1969-12-31 23:59:59	Name: IR_gbd Value: sezzle.com
.sezzle.com/	1969-12-31 23:59:59	Name: IR_22203 Value: 1709678986355%7C0%7C1709678986355%7C%7C
api.sezzle.com/	1970-01-20 23:13:50	Name: _cc-x Value: YWI0NTUzODAtYjU4YS00OTc0LWEwMGQtNWNkZTM5NTRkOTdkOjE3MDk2Nzg5ODg3ODA
.dashboard.sezzle.com/	1970-01-20 18:54:39	Name: _szl_login_success_url Value: /orders
.sezzle.com/	1970-01-21 04:30:38	Name: _ga_1MJLY6RLKW Value: GS1.1.1709678987.1.1.1709678989.58.0.0

47 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://dashboard.sezzle.com/customer/orders Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://utt.impactcdn.com/A4960984-1d8a-4877-8732-da02a6e830751.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://utt.impactcdn.com/A4960984-1d8a-4877-8732-da02a6e830751.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/20b8c23fb6af2dd22732.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/39cfd9d68f2c9f4567f8.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/39cfd9d68f2c9f4567f8.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96 Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4793dd1.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4793dd1.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4793dd1.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4793dd1.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4793dd1.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4793dd1.js(Line 1) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
network	error	URL: https://api.sezzle.com/v5/shopper/auth/status Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/4194987c16fe56cf15b0.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 3) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://api.sezzle.com/v1/accertify/browser/client(Line 4) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://dashboard.sezzle.com/customer/1a256f2d971cdf513dde.js Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js(Line 321) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js(Line 321) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
security	error	URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__en.js(Line 515) Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.
other	warning	URL: https://dashboard.sezzle.com/customer/auth/phone Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dashboard.sezzle.com/customer/auth/phone Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com .apple.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com .rokt.com .appsflyer.com bat.bing.com ws.zoominfo.com .iesnare.com .smooch.io utt.impactcdn.com; style-src 'self' 'unsafe-inline' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net .cdnfonts.com; object-src 'none'; media-src 'self' media.sezzle.com .iesnare.com .zdassets.com data:; img-src 'self' media.sezzle.com marketplace.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com .google.ca .apple.com .gstatic.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com .ctfassets.net t.co analytics.twitter.com .ads.linkedin.com bat.bing.com logs-01.loggly.com sezzle.pxf.io .ojrq.net braze-images.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com .cdnfonts.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .smooch.io .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com analytics.google.com cdn.linkedin.oribi.io ws.zoominfo.com .iesnare.com wss://.iesnare.com sezzle.pxf.io blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .mathtag.com .rokt.com .appsflyer.com sezzle.pxf.io; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com .bestbuy.com bestbuy.com .countrystampede.com countrystampede.com .tailorbrands.com tailorbrands.com .academy.com .spartan.com spartan.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.sezzle.com
apps.rokt.com
dashboard.sezzle.com
edge.fullstory.com
ekr.zdassets.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.cdnfonts.com
fonts.gstatic.com
geoip.sezzle.com
ka-p.fontawesome.com
kit.fontawesome.com
media.sezzle.com
o215203.ingest.sentry.io
rs.fullstory.com
sezzle.page.link
sezzle.zendesk.com
static.zdassets.com
stats.g.doubleclick.net
utt.impactcdn.com
websdk.appsflyer.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.16.51.111
104.18.72.113
2600:1402:8800::1728:cdd0
2600:1402:8800::1728:cddb
2600:9000:2479:3c00:1a:9a9d:1e00:93a1
2600:9000:24f2:200:5:2c64:75c0:93a1
2606:4700:4400::ac40:93bc
2606:4700:e2::ac40:8416
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c07::6a
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::61
2607:f8b0:4004:c09::64
2607:f8b0:4004:c17::84
2607:f8b0:4004:c17::8b
2607:f8b0:4004:c19::9c
2607:f8b0:4004:c1f::5e
34.120.195.249
35.186.194.58
35.186.249.72
35.201.112.186
44.239.107.15
44.240.237.16
02acb3a931a490a38b431acac3b5142d9a4cb329f56a1e8cbf958ea343f9d710
06abef871ccd877aa811df66b404dc3b03b6190eeaedc9fbea871bc76c8ca708
07d91c3b213fdc870c999e1a1ff7da36f7099c3f5fe8834e3da35b98745815c5
09a5e4486967e411d4a219438a2730710c4e5246ea881d4d752236702b04bcd9
0af30bed965fb5937a986433a2bb22744df26f072898c2b5bd49a8cb916b2478
0cea976a98f3aef8dea3aeb95cba0fb55975d754ba9fa137ef0df4bb4a8abd16
10ce24690b94192c854b02d32a9e4bf4a35cc0e00ca13d93837dff6a583ea6b7
12a62e57b0cd57becab5d7492e33f8d8a82598b59f025b9b68266ef11cec6f97
1336bbfa75986307337a296928312163d7532f985f0ea50b80da0df0fb143be1
13a4965268e155d384d61a2dfd9f3103e4f8d16f278a3995182582888fa9442f
17bc25971fe2456cb6aac9a74191383b037ec64f700d1b48e8db5f3419bce615
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c33fae3db9d2b88a96b0d5a0fe1507b294e7dd130c2119ad9ade24ea7fabb98
1c4208a296b92abe95b24fd6e2c668374088d990f3d14e2d13e09f3b63aadc82
1cd32fb1f680b7247e502ea79611b4a675e34a64d1ee455f24fd89d8c3e286ed
2032d9e5b742ac419d191e4528a65f8885af57bacc4a56c01d4133c5420e0508
21659c4eb8d562932783c9df9d9f84c463374874b3c4337dfa8da2f26a52d0e6
21da150e778cbee434f52bb5821b733763959c6f7626192162cb6fb9c9164dab
21db081eb7ac1b20e84ea055a3098a8e6c31cb6b6289b904f9bf097fe4519326
2200f3c67de233a0b257972a6223ea86343fb8426031e631859303a9895224d3
2676e3d4d3c4185137b0784f43286287d08a1df3b754637471cdb3cc6559ba0e
2685c4b455ba0dac720ced0b65525c8610fb9937911f75f2fd02c29c85877e44
27ed6b06e0cda97d22cbb69ca97150d55f1471e37bc8ef676eec12085b1eeadf
2b3cf99ce39e5fc49169454f5639b5341dba747f16e3d01a5b9ebf50792e9a1c
2c6a3425cec9ba0cbcfcf1dbba2120a72ac369674a6d02e06bd3b0c16efbdcf7
2e4de7dae6b934307dd05a7c6f00b6c2403f421a17a60d15a75bb53f3653ce8c
2e9fdf41e927632e9a3e0ed78fc3d2f738985588dedf5100a451a37cbc79427f
30c0009c5fddde62a1312b7ebf91622755c72e55889b58e83a60c6efe120cba3
323289ac51092c7452652cac984addad19c087599ddad6047680cc450737bf7c
331729aa6155f2c5c478d0e84c1586d36f9d07be105b7915122f203456a67508
38fb2eb4b1e3af97bebaa2006627fa969524b1d9fe4f903e46f9d925140d17b1
390e9c43bfed154fd39c9da5fcd4c47a52f15be64142a0d0210dde445c8f3b93
3c0d0133f0c4de69506db43902173fb3e04ca467c2e4f03453247a544fe7c122
3c6741fe10b253685afecc25951dd7f312f188770982f10901e3a4489212a639
3cf234b43fbf4004be8de7f21bf3ef6805c6098e26b6b7df7b032b215a15686f
3dec5801deb5afcfbba10143e916dbe8dc3ab43cfd66b5959b3438bff79b362e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
40119ccc2391549e35936f246cb1d00aa80af10b043d8921707aa4b8f8794593
42059c83cda49bdd4a9f75a40de405486d3c6189a75ec735079082e581736d03
42d7398b0280a9a292a781882939e8323f2fe5978f3612ce02ff974dd54b67d2
431608b43b600be8cdc9f2358ef2103cb54ca703ad85e2202fe8e8212b26be8a
433a5cd0ca43ea85a90db247ac6f0d2f349fcadb7f08cda795b90a36e532dcdb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
463a3af9257e63ecd6d3f33072826682c9f21f25b8f88a96a321cf7bc9e3cf9e
4687495d5f949c3dd60763ecbc44bf456f66ba0b056281e09e8f17ff59e38c60
473c4125036bc972f2b7bb44ba1c2e60d33d833e65a5df955c42986605433e11
488082155fbce32e9abbd97cfa61252a9549c9c5561e9eb6de3f85c35d11839e
49287ad627da920abe10f8c32a67ce79e1412cdb2c28b71636bbe49c01269cda
4946b36e5208a0a01e69ac05696229353e101faece5c1572e2a6177742bf7b5c
49ea5f70b0d2a274bc5c16aa28860db756a41ae130db094219553e1202c49461
513e2e658ba33541f5efd67ff78f097c3b657accbe74128ae8723cd5f9ca139e
522f4862985232d255f9d661c224d3a310edd3e83670b1029f8638da4d80476c
5329cabb2252bc0d7c965dc32d150acc2c38898bd28d69fa1f77da0a0d926664
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
56788096c1fb5930a89f647591c7fa9b796b20a3d1a1a1ffe3a5b28b203f5cee
58db900dd31e630f1cd80ff2bb7a0e31d93f6befe06f2d8c715078fafc316bf5
58f2ed3e8753b14d9456de59f7a58f5089c81d1ce6691d80bbd4e58f145ffd2c
59384dd8611f360e5171a55c292a0366aee82216b97b69926b53c0d363d6f4e7
5a19e7f796f7813e23822f0519284ab2f76604263fd51c171b7d17cef7ade302
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be2771ae885644411528cd0eff321fa2df56889ed0fb37cfeb71fc84ac2baa8
5c7b2daccaa86ff27c8f6cf5f9065e7ea889bf81974788d33ae7f374e76af5fc
5e8f9c6966d7417671b787f0e69c6659f401efa48c29dc853c198f21659f4173
5ea9b54de07c32046f211311906ad246a823f6cd0bb7f46ed0231d4f50e34ab2
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
610d8e1d8151c6943263693eae2cfd3cdc8d9b812664d404e02d9eebf44c94c7
64e789592ed9a2fd71609499e021582a41e5a2c10544ff3f40c55e0ce3f846ea
664b7437f0be6a1b81d05898e82d23ead604f9c0e6e55cdc12b62517d569bda5
673f89dc34eceb6222ee6e1bbc98234b8f4c732b2e9b9b53c9997604f53c818f
68f77d9099488ee3f6a627e16f33e6180039b6ddc9e6726e1c90d7b5f6a89727
69fef7bf67ead0c4c2df08be990ee582b4b0c2366efabc0418b2be2abc75bb4b
6a4a5705d023378c533c36e7aaacb593ad907032e01f6f3b158774706ce108fc
6ade13e50ff336593cdc7ec2833222c9cbbb0277d5ad527f46d55eb4b69b379e
6aeee8d7b8f59a4332c9d10016b6d08ce58270a1ba6e5e3964e4a67ef44659a2
6b47c4528dcccce6b16e72adbcc0fb9c1eaf2ad30d2e5c65f4dcaad6377b04a7
6f764571417fe58ecc73b9f4af51a5f12c3be03f3c8dfa22b923d00691f1e313
70cf755a9663f67a8407b0f8ed1d1d6de28e9f5f50a395e451a9e4a5497a7e71
712a5571b1b8edc58a10b34458498bff2e659c2f8308eaa58a14762a075d96a0
717112af25d13661b3aa7c132f2808df5b79927791276649129fb557d4b299c4
71816d19f3c78f7daf80b4896a0338a8568e76e3bc4efd7e67256cc1abf8fedb
728e64485a8286649003073c39452a8810e16e1d8586229b38a8667539bc52bd
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
792db0323d321c394ef17d32c17f750f09917310f05a7796ef9639556c3db984
79950339dfc483abfcf10045c47ec407b588491a997be78515a7bcc6e8969994
7c715126c46071692e05e60f3b847313bb9d9b50e8eb12e559351d48b97fb1ed
7d658396bf8d79e6ddb9e73232a32101d804442d49db20d04f81fb10cfdf2bed
80080ae17ff6ba3e611117777b04fdbf6ab92724cd06e39ce2992c5d3f2fad8e
80c822353f44990f2c89c8e88754abaef869bfef375afbf92a9ec209887a1418
8263c8b639e7c85ac4ea3ae79c66121998435e6e49bf2c49c3f4afa836d2f192
8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53
8693741cfe6e78e99a90f48a8c804cef8c863f6b097e8f83edcf4dbdd865fd92
87edf9a6f6a7fa420f950f88deea97be968484bbf0816a761a8abc4745ea0e61
88d624045b77412faf535f751566e042c499c55e5530b50e1416ee3978c02b52
896ef30554316fc11a17a5b7a1cf6b51b35ea78ee16caa14908f3738069a5e27
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8ad0d32aa95f856cef9025c23bdff5f5989e534d1c8931cea5e48f82ec7812d2
8de562b8134efb6c85c9279284b0646a41ad86a85c24adb60a1a124cd3fee817
906ae1d4cb195d4a42184f1adf9874f3b04934ce724e6d9fd900010b2b7f15eb
93119dcb47164a2ee44504fdc8fb5f7c1008fbf6bbe8d9391766f00a553e3dbc
943481c948de51e84c1712ce886e09055eceb6507c2ec8232bae851f13347061
962785803826134e29f0168eab85308d776775aac3bbe787be90bf3ee1b15a16
99bb5c2b64458a231a9f1ed8e2d289626be786067987bf1f19c8648437ab8e1f
a08011e6cd061e441fb1bdb2391e80ec7b4b097df1343bfa535e67c517bdf551
a26b69e07e5e11221c8344c7aae174133d215215ad38606295cf9d625814c481
a2ff4f71b15a913185bb1d68d27207208e1b702db5280a9c2ea61b3fc3ec0a0c
a3ab05ae8b6d4a894adbb2de586d14bd1519550b4e417e265f55d5e1a1985157
a5f56f1a6e360e8f4041b82c5aba563b80e08042e8a7f449aaebfbbc8f71d1c9
a7c453718fea99e535a377917aec9379f61328d3eff5abc0d25db573e849557c
aa1a6951dc4df4b6dea414a5b29566a4e12a49c75c41d82884c622d4a0f08ce1
ab36f0bc05838b97e42eee189268d7e941d8632dc360ffbee8cbec5e5592d769
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af85a45aa9c497cbf01823a3daee862d719296be13ece8b840b279fe51282421
b017f2e22c74ff6408933a62a1e454cc24563cc931c09fc1c261418fc3a82fae
b04eaaa229821580ca4cc2e060618662115df97cb30f3304fbd5df9fda4d132b
b4bc9b9959b6e88fae373fb381b1e80cc2e59189a828e40ccc9d2e2372e768ac
b61adc5bab4dab58be639408d13602428f5a0fb47389abec2763bf89953c7f11
b67c43dec3a99d3df3014b752c42a7902451392ef9926add891e50e6332c1e24
ba57e1a023dc2bd8f5c00b7b598abef0a66e2a7e71d16cada63cb0c91aa0b3b6
bc48cf66d534f098289d0c917acc8dd370a84107e8e96f980359e86a9fe0b9a6
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c348e8887a521eab3e3bc0dcbc51d8715ca9958d2c4a8c4fea0f0092ea325ac7
c368e74321d2180806d6982ab26271a765594390c0d50a2e4fe452e901778d5e
c38b336f03108b44e85ed615a210c9832324f8d5f3efc8c418196fb0517750a9
c39058bfaa5ffdf7f9a21f544743bfcb96baccd342f92ebe7664b6e9f505f84b
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
c834e5a157df7a9e166541d7a9635fcd5aa6a7f813770cf4043dcb64d4d3e086
c8decb7c7d17d6353f74d740f2afba7886d2c53e0b3d10a44ae1ad7738316ff9
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9915b26519cb05760f5342fe00cd0e5084fa5bb74da7f23babf9959761b73d7
cba4e9f49221651805083215191628bf4b784ea057552be102ec23c38cc218c6
cd21636eecb718271e0bfcc0c6c0c63904cd1adea7966713d5d6ae3fee2c99aa
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d0774ab0833d4ea356e13face67b9ef26cd3905df8c413dfe7a60dae7d11d27a
d30dd14334b5505abd75350941f566443edda40a1ace1face82891cf74d6497d
d46df087d03f36f4057c47d5069d1cfb67714c66fd2582d84be7c549706e3af9
d56c4a631835ff8ba3246e75795f021f0d6c9883002429efdb4fafee37b2b134
d6f63bec05ca61b82d4a5214252768ace6f439cfedff92d6709167fad01a49d9
d885f662a01ef85037e7a902a2b82c55641947a042ec20ba3a026ed5e6577e72
d9d56505a77ca07e02c200a48794653355e4af338f226fb63ec74fbd2bb97301
dd225ce43e913b2f7422fc6ce4724067a3247440726cfaaab497776241883374
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e073520b685fdc2d8ddf5b03142f7a01706d3f9df6cfe66129d7569a160b8778
e09ab61c035948a8d070b553578b21fdb74e1c25b473d58cb08eb6e264d40383
e2882c75a51f032a909646b655716c9aeca963eaf6e457aa818ba3bf70701c5c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e442c5058403b935e24972da32cde71cd51c6c28b7d1f8d2e178cbe60b1461ae
e588663bb4f4ca805ca6ade0265f3e4e79f939d1b6d11df9353bb8c6bd50258e
e6164bca73fd43eef02c5f6493c42ba694363b56b1f01a67c739eaafe4ea7752
e79f7087c53ff40bc1a8f34f441ef05a89ae2d1934d7c869de6062c9a09c41b3
e7d3d6094a85458cd7c2b83f4b41677cadfe0283b9a2551ea5da7ecb449688f4
e8832ef92b7c679b99ad1695c612794844de77eee72b110d0ead766e3f47c043
e9bfd2c627aed05d17278d6b1495329f8d7d8d0ce320ea117357ddd4e9f617bc
ead5b9fd461259ad8feecfa206da49d19745aa2a5851c47196e5f1baa7c1a1e3
ebdd1fff11eb822d2c2a11ebdd646b5d4fbcc7c0b420380c9e252cffd8936772
ec02ac96296c32840cd7a4359fc49197d31a7a847c05abd3ac60dd4b23cc3834
ecb150c6330eec924c4ae2143b3d45606cd7355214c53c22a7a6810bedd8b239
ee643b3005e36afe675b027db3547d3b83aaf8bb755176a6a5a43a31569d45a6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e5640d66c44d407d5bde1f0e1808297aaff94c64946183ee081b4c77dd65ce
f41e2f7f52a09af4f2f4e2e8d6376210c1264ac078f8a2779f2f3485b2a4ac22
f4364d871ffc6e52544e17eaf37eded3c321c62179acaabb65d1d3097782aab9
f48defd2bfb987f2a3acb802df054101893eb04ab9b2f59313967abd9650b0cd
f497db96b89fee7a651332b6134a8cbd2e664c4d72e9580fd11906595be6178c
f4e05073510b39d06591481757c398473fa94eb47bd1ced0c3cbe6e149ff5475
f58521a3ba5107dc421bb5750e85070c60ff87a9c32cb071c0d5a6ee0361ed4c
fc02e3a556b5edb0d4dd83a33535313668619fe1cf464b32b5f1ea43d8dd6d79
fd8ff49f0d1231d3c0622c65c5baa063154f846ad4a6cd1b326027dbdc38972b

dashboard.sezzle.com Open in urlscan Pro 2600:9000:24f2:200:5:2c64:75c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

264 Requests

100 %HTTPS

65 %IPv6

17 Domains

26 Subdomains

23 IPs

2 Countries

4417 kBTransfer

10318 kBSize

17 Cookies

4 Outgoing links

Page URL History

Redirected requests

264 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dashboard.sezzle.com Open in urlscan Pro
2600:9000:24f2:200:5:2c64:75c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

264
Requests

100 %
HTTPS

65 %
IPv6

17
Domains

26
Subdomains

23
IPs

2
Countries

4417 kB
Transfer

10318 kB
Size

17
Cookies

264 HTTP transactions
1 data transactions