dashboard.sezzle.com Open in urlscan Pro
13.224.189.106 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_c...
Submission: On July 13 via api (July 13th 2022, 7:29:08 pm UTC) from US — Scanned from DE

Summary HTTP 227 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 26 domains to perform 227 HTTP transactions. The main IP is 13.224.189.106, located in United States and belongs to AMAZON-02, US. The main domain is dashboard.sezzle.com. The Cisco Umbrella rank of the primary domain is 603479.
TLS certificate: Issued by Amazon on October 22nd 2021. Valid for: a year.

This is the only time dashboard.sezzle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
137	13.224.189.106 13.224.189.106	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:224... 2600:9000:224a:3000:1a:9a9d:1e00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ee1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e0e0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.159.128.7 162.159.128.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	34.214.61.66 34.214.61.66	16509 (AMAZON-02) (AMAZON-02)
5	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:401... 2a00:1450:4014:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
4	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
1	44.240.75.20 44.240.75.20	16509 (AMAZON-02) (AMAZON-02)
2	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	52.27.131.183 52.27.131.183	16509 (AMAZON-02) (AMAZON-02)
227	32

137 13.224.189.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-106.fra2.r.cloudfront.net

dashboard.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:224a:3000:1a:9a9d:1e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e0e0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.7 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.214.61.66 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-214-61-66.us-west-2.compute.amazonaws.com

api.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o215203.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4014:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

sezzle.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.75.20 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-75-20.us-west-2.compute.amazonaws.com

geoip.sezzle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.27.131.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-131-183.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
154	sezzle.com dashboard.sezzle.com — Cisco Umbrella Rank: 603479 media.sezzle.com — Cisco Umbrella Rank: 27366 api.sezzle.com — Cisco Umbrella Rank: 326565 geoip.sezzle.com — Cisco Umbrella Rank: 196302	2 MB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2188	420 KB
6	stripe.com js.stripe.com — Cisco Umbrella Rank: 2072 q.stripe.com — Cisco Umbrella Rank: 15477 m.stripe.com — Cisco Umbrella Rank: 1734	78 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2219 ka-p.fontawesome.com — Cisco Umbrella Rank: 4190	107 KB
5	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 1130	6 KB
5	zendesk.com ekr.zendesk.com — Cisco Umbrella Rank: 2723 sezzle.zendesk.com — Cisco Umbrella Rank: 813593	4 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	351 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81 firebase.googleapis.com — Cisco Umbrella Rank: 7492 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 560	2 KB
4	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2623 rs.fullstory.com — Cisco Umbrella Rank: 2030	125 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	564 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69 region1.google-analytics.com — Cisco Umbrella Rank: 2603	60 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	194 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2241	17 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 138	366 B
2	sentry.io o215203.ingest.sentry.io — Cisco Umbrella Rank: 622074	339 B
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 666 p.typekit.net — Cisco Umbrella Rank: 786	1003 B
1	google.com www.google.com — Cisco Umbrella Rank: 17	501 B
1	gstatic.com fonts.gstatic.com	21 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 683	15 KB
0	google.de Failed www.google.de Failed
0	twitter.com Failed analytics.twitter.com Failed
0	t.co Failed t.co Failed
0	linkedin.com Failed px.ads.linkedin.com Failed
0	zoominfo.com Failed ws.zoominfo.com Failed
0	bing.com Failed bat.bing.com Failed
227	26

	Domain	Requested by
137	dashboard.sezzle.com	dashboard.sezzle.com
13	api.sezzle.com	dashboard.sezzle.com
7	static.zdassets.com	dashboard.sezzle.com static.zdassets.com
5	pixel.mathtag.com	www.googletagmanager.com pixel.mathtag.com dashboard.sezzle.com
5	ka-p.fontawesome.com	kit.fontawesome.com
5	www.googletagmanager.com	dashboard.sezzle.com www.googletagmanager.com
4	www.facebook.com	dashboard.sezzle.com
4	sezzle.zendesk.com	static.zdassets.com
3	www.google-analytics.com	www.googletagmanager.com dashboard.sezzle.com
3	connect.facebook.net	dashboard.sezzle.com connect.facebook.net
3	js.stripe.com	dashboard.sezzle.com js.stripe.com
3	media.sezzle.com	dashboard.sezzle.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	q.stripe.com	dashboard.sezzle.com
2	rs.fullstory.com	dashboard.sezzle.com
2	edge.fullstory.com	dashboard.sezzle.com edge.fullstory.com
2	firebaseinstallations.googleapis.com	dashboard.sezzle.com
2	stats.g.doubleclick.net	www.googletagmanager.com dashboard.sezzle.com
2	firebase.googleapis.com	dashboard.sezzle.com
2	o215203.ingest.sentry.io	dashboard.sezzle.com
1	m.stripe.com	m.stripe.network
1	geoip.sezzle.com	dashboard.sezzle.com
1	www.google.com	dashboard.sezzle.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	ekr.zendesk.com	static.zdassets.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	media.sezzle.com
1	use.typekit.net	dashboard.sezzle.com
1	kit.fontawesome.com	dashboard.sezzle.com
0	www.google.de Failed	dashboard.sezzle.com
0	analytics.twitter.com Failed	dashboard.sezzle.com
0	t.co Failed	dashboard.sezzle.com
0	px.ads.linkedin.com Failed	dashboard.sezzle.com
0	ws.zoominfo.com Failed	dashboard.sezzle.com
0	bat.bing.com Failed	www.googletagmanager.com
227	38

This site contains links to these domains. Also see Links.

Domain
sezzle.com

Subject Issuer	Validity	Valid
dashboard.sezzle.com Amazon	`2021-10-22` - `2022-11-20`	a year	crt.sh
media.sezzle.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2022-06-08` - `2022-12-15`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
zendesk.com Cloudflare Inc ECC CA-3	`2022-06-29` - `2022-09-27`	3 months	crt.sh
api.sezzle.com R3	`2022-06-09` - `2022-09-07`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-05-20` - `2022-09-25`	4 months	crt.sh
*.ingest.sentry.io R3	`2022-06-21` - `2022-09-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-21` - `2022-07-20`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
sezzle.zendesk.com Cloudflare Inc ECC CA-3	`2022-06-29` - `2023-06-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2022-06-11` - `2022-09-09`	3 months	crt.sh
geoip.sezzle.com R3	`2022-06-09` - `2022-09-07`	3 months	crt.sh
*.fullstory.com R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-25` - `2022-09-08`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-11` - `2022-10-19`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=
Frame ID: E8ACBC05084DD4357F5F7A243977BC55
Requests: 201 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-e651106d52c621064518.js
Frame ID: 0F916EDAD068BDC007EE59AC2EC9EDB6
Requests: 10 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=156062cf-1cfe-4900-9298-6a1e6054b8ae&no_iframe=1&mt_adid=249070&source=mathtag
Frame ID: 02BD87C38582919DD3D7BBF1812706D6
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Frame ID: 9CE517F42092F22EE689460A4677F6AB
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: F9CFD95BBAA50472EB645FB4D6F365BB
Requests: 4 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 80F6D2623A348E95BAC4550E26226EFA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sezzle Dashboard: Log in

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

227
Requests

97 %
HTTPS

55 %
IPv6

26
Domains

38
Subdomains

32
IPs

5
Countries

3791 kB
Transfer

13875 kB
Size

19
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://sezzle.com/
Title: ©2022 Sezzle Inc.

Search URL Search Domain Scan URL

URL: https://sezzle.com/contact-us/shopper-support
Title: Contact Us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

227 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
dashboard.sezzle.com/customer/ 12 KB
5 KB 477ms
445ms Document
text/html 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

96fce747f300ae358e4647572f6fdefc92cbc242c0f50100f8e66b5bff58c5d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
content-type: text/html
date: Wed, 13 Jul 2022 19:29:02 GMT
etag: W/"eef82ac660e92545cdd71079a856a4d1"
last-modified: Fri, 08 Jul 2022 21:54:20 GMT
referrer-policy: strict-origin
server
strict-transport-security: max-age=15724800; includeSubDomains;
vary: Accept-Encoding
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
x-amz-cf-id: 4FBv8ve9f-U_HzjKzk8NMYF-vdspCpqrU-VuyFtHh_yzwCRdNeew-w==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: j0016DHQQCZlR67pavRh6gctfkkq2oT1
x-cache: RefreshHit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 sezzle-global-4.1.9.css
media.sezzle.com/style-guide/css/ 129 KB
23 KB 105ms
29ms Stylesheet
text/css 2600:9000:224a:3000:1a:9a9d:1e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.sezzle.com/style-guide/css/sezzle-global-4.1.9.css
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3000:1a:9a9d:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb47b4a4a330108da2a5367eb21e6f6ff1473f73d8526516117ff76d4440fded

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 07:10:21 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 44322
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 30 Mar 2022 19:44:19 GMT
server
etag: W/"b72f7aa49fd04fbe3571844a84fd2362"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET, HEAD
content-type: text/css
via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: rcfXn_B66hDNcgLwEzvI4D7uaYT_qrKp6NIqbzAqIH9eKsF4v_wfWA==

GET
H2 200 32f48e933a.js Show response
kit.fontawesome.com/ 11 KB
4 KB 73ms
40ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/32f48e933a.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9536cff93290d9d78b7d38eb8bb55b8c0fb88774e04322add4b01810604331d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:02 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 72a46cd38d129bfe-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FvqUT5osIH_smgAnoz9h

GET
H2 200 dji1nuv.css
use.typekit.net/ 1 KB
822 B 103ms
9ms Stylesheet
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/dji1nuv.css

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

0c0964427e7f1dad59bf2de479e3d5b821158349a6994771eccec9a8fa42fdcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Wed, 13 Jul 2022 19:29:02 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 590

GET
H2 200 4f74f36372417694b966.js Show response
dashboard.sezzle.com/customer/ 2 KB
3 KB 27ms
26ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4f74f36372417694b966.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

3385fae722ba5529f7fc7f5bd67bb3d3d784644f56665830ce97365e946c8489

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 3sdV7n1kqDm5Ypptw94JcO7vlGOzXGdK
content-encoding: gzip
x-content-type-options: nosniff
age: 637
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 19:29:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:02 GMT
server
etag: W/"7c51535d112a4cbb3b1a2163dcc26128"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Rn5d3gE45qI36rtF6JDhpOwbnZkMd4TqLzDwAIUA3BycUyaYtIrQIQ==

GET
H2 200 4868f88512c5db8f5cbe.js Show response
dashboard.sezzle.com/customer/ 9 KB
4 KB 14ms
14ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4868f88512c5db8f5cbe.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

9c4f9aa98e066966b3cdb257121a4c68b665adbf19c7f6e0e1aa680c4c171346

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: T3l5kwyq45tP9Wnm0Hm4C4DyfUUksswx
content-encoding: gzip
x-content-type-options: nosniff
age: 2924
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:01 GMT
server
etag: W/"f2c266cecf1c9e8b9256259f47a32776"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: mqjbubWXSvS7EFGB0bYmxZylr156i_M-ulQY_OTsSda0gtZQBSSt4g==

GET
H2 200 45fc297ae3da5da7d2d7.js Show response
dashboard.sezzle.com/customer/ 118 KB
15 KB 14ms
14ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/45fc297ae3da5da7d2d7.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

2f63e4b13a6b63ba7b78e00d0c89665747c76aea319fe0bd09b26fbb14793686

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: BloNxrf8PagU7k5aTqoapulRPymkZpJ3
content-encoding: gzip
x-content-type-options: nosniff
age: 2924
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:01 GMT
server
etag: W/"20b4b2d45cf4b3502552b184a8e70f87"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 7VjUj1l_klNrUa7cQpRX5hkvb02mCEBn4sWMW5BTN8V2PzXAMrurLg==

GET
H2 200 3ad9feb8281edea15431.js Show response
dashboard.sezzle.com/customer/ 72 KB
10 KB 15ms
14ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3ad9feb8281edea15431.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

ba66a3782636667fbbb0a71e380bc34841142c2399cb0b49ee570d14c275c1fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: T4FUvatNjQlYwfSPqCnXmw2HsHStLvdS
content-encoding: gzip
x-content-type-options: nosniff
age: 2924
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:00 GMT
server
etag: W/"ee571daac00941ef97326f80629bc673"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Wa5quRj9TT8x_21lFXXhARXeMCOTp2diKquQMs34zoq1FKUZllVzPA==

GET
H2 200 2fce3cc3ce8a9b732550.js Show response
dashboard.sezzle.com/customer/ 114 KB
15 KB 15ms
15ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/2fce3cc3ce8a9b732550.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

00b22acaee00348b43178cc978e585d5fe9fa363c2bd585bb16ba055b5acc32a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 3OdyRIs17ybOIVQrwF7J5t1p8WGEc0oo
content-encoding: gzip
x-content-type-options: nosniff
age: 2924
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:59 GMT
server
etag: W/"e44ac36cad46fcc3bae7e8c893866051"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: cOG2GC-GUwjtEdx76ebw-ImDlaOsBD1Lrktp9Ec6SZ37Ten6SKAPaA==

GET
H2 200 19cbb4a34eda785e7758.js Show response
dashboard.sezzle.com/customer/ 78 KB
25 KB 19ms
18ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/19cbb4a34eda785e7758.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

51443c903e562eb78e2082bfc7c361c9387946eb1bfd36cedb466f2824dcb248

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: Ury_1G7lRc8f44x0XQ.SwysOETAA14G3
content-encoding: gzip
x-content-type-options: nosniff
age: 635
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 19:29:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:57 GMT
server
etag: W/"b3ac42a096bfb4b4a5655c9cbb7edc62"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: nc6g-gThKcMYJgFmpt_qncm_t2WYHwh2yHmLWQHxuoxN984Xfe6weA==

GET
H2 200 82454923ad15f1d025e4.js Show response
dashboard.sezzle.com/customer/ 97 KB
13 KB 10ms
10ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/82454923ad15f1d025e4.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

6adae5c0a26e3a7f8568b8f30fb6a9b07f6096406f8312fe9e9c652dd774a885

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: eCtP3zzi2nTRKuuh8WrSNeExJsjLWnPU
content-encoding: gzip
x-content-type-options: nosniff
age: 2924
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:06 GMT
server
etag: W/"ee4af314dccceda6e70f38e7cf1ba931"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 8C4IYl0bKFGVgiBz3OGNrOfr0cBOSJlJ9rQGloM1P8VleHSsLY7tqw==

GET
H2 200 cd4663553caef023fe0a.js Show response
dashboard.sezzle.com/customer/ 73 KB
11 KB 18ms
18ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/cd4663553caef023fe0a.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

aa72712e9bcd83d454c03ec9dcbaf1962765f5078c92a639b83fef57bfefb6a2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: FSKoNqehbgp3eI4C2S6GKMxt_tRXDAa5
content-encoding: gzip
x-content-type-options: nosniff
age: 2924
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:09 GMT
server
etag: W/"a7137dcab401bb7a4a9a49e8b93534e4"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: nU89hAvwnPWde9j-dUgTBfr6ZH7HdzDsKQAPQ2ErmBWh_HtXtWhCHg==

GET
H2 200 756e7b4ccf17e6919a07.js Show response
dashboard.sezzle.com/customer/ 140 KB
20 KB 10ms
10ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/756e7b4ccf17e6919a07.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

be2c2382281b61622b8098d0e1928ff7f33736fef24569d63b8b6b708ea2ebba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: oGFog4cjdiolPsCjKmchzIAjMVvpID.O
content-encoding: gzip
x-content-type-options: nosniff
age: 2924
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:04 GMT
server
etag: W/"0865e863cdb2e152abd2af46d7303ca9"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: OYtNnVkKdhLEAFvekIja7OmAZ8LgBRkEyIp2YFv00GVuImVnhDf4iw==

GET
H2 200 b605577ad56d0ade6b7e.js Show response
dashboard.sezzle.com/customer/ 62 KB
9 KB 39ms
18ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b605577ad56d0ade6b7e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

e7f9a744a9e69d1fcb6a6ec655b35e68b8b859be97e07c7f66d95933e4c9619c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: O6J_6uv7rkN34SzsE0A.qDXLylRH6NMi
content-encoding: gzip
x-content-type-options: nosniff
age: 635
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 19:29:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:08 GMT
server
etag: W/"9f1fb531d11a09657e753b9e95c11630"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: aYH8ntHAitD4hZ61dob9ZtHnNJJW0BUyCe0Hp9GCekNp8561iOwWOQ==

GET
H2 200 c2c1555536a2f49678ad.js Show response
dashboard.sezzle.com/customer/ 23 KB
7 KB 34ms
9ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/c2c1555536a2f49678ad.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

af9ce7b60d48b7dff365f1080339b55ea23774aaa58ed2f05c59de5336dcd3d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: ue6gpD_mbTxAbcnHkM9iw9cUoJa6G5a4
content-encoding: gzip
x-content-type-options: nosniff
age: 2924
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:09 GMT
server
etag: W/"68dc0722f9258e4cee02b409ece16cad"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Vu3yzmEjz9nKVJRZwc1w4VlxOuGmo0e49rvTYB-Ipq7yzK-a0dD-ZA==

GET
H2 200 7ad5e07107a4245a210b.js Show response
dashboard.sezzle.com/customer/ 40 KB
9 KB 71ms
47ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7ad5e07107a4245a210b.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

a3be7c9f6eb304b5336f733c7020e8a08b10b32498017fdf270826af6e2312dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: gZq0KvOp22iF2l4ldL_SLblHw3iR1HCJ
content-encoding: gzip
x-content-type-options: nosniff
age: 2923
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:05 GMT
server
etag: W/"72290ae63e357f348f38de74004557d6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 3UyWRbyQsCH0d_jz9ZNDrzfcdQNEkvwmR-sEkoXNyRX0vnMma8weqQ==

GET
H2 200 9510d80db97ece864840.js Show response
dashboard.sezzle.com/customer/ 29 KB
6 KB 45ms
21ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9510d80db97ece864840.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

702d3c0fa8237164cccdf50a1b39dec1536e6d3eea633b2cc2939307a825ee7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: i2hlCmB.CBYPB_de0yL.9gHBF.ukP8ta
content-encoding: gzip
x-content-type-options: nosniff
age: 2923
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:06 GMT
server
etag: W/"2e928556d0aa34e777394d8dd99bfd81"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: DyMEyWyHHbXSXKshqx4cmUknzlORMgK6v_Tw3APk6YFaJ2V4TWHHVw==

GET
H2 200 0943a94dcdf6d8364520.js Show response
dashboard.sezzle.com/customer/ 15 KB
4 KB 70ms
46ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0943a94dcdf6d8364520.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

82988551aab5294f5da54af0bc5c19a6c303d8f7a7a34c033cb73b8f96bab221

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: fe59OHRK9gA0V5nj9Keq2_W6A9L6Xgtz
content-encoding: gzip
x-content-type-options: nosniff
age: 2923
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:55 GMT
server
etag: W/"26d11f8543846d024191c90d437637a8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: owG2G4IO99fM1_FI4mKJ0gaurkF3sHzGmTeFoU7tayIzji5nlBCJ9g==

GET
H2 200 66f7cb17506f47aa501c.js Show response
dashboard.sezzle.com/customer/ 9 KB
5 KB 73ms
49ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/66f7cb17506f47aa501c.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

664c82cf59e5a61b3c5f169f614e94d3648bcba0bccb817fca5a036fa7e40f4b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: n7sXuRbEobfVs52WaSczi8TG6chJa9VO
content-encoding: gzip
x-content-type-options: nosniff
age: 2923
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:03 GMT
server
etag: W/"c20cad554a7e6b1d841151315076e03c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: J399cjouBmfhDkiSAd-42sDqFp_8W8-p4kySDID88xHE_BCu9rT8Mw==

GET
H2 200 59ed810666d6bf9b2c08.js Show response
dashboard.sezzle.com/customer/ 131 KB
24 KB 74ms
50ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/59ed810666d6bf9b2c08.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

a59ac73c5a79ac711fec87d2decc18aa91cb95a121741f168536963d7cb08fb1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: wwNwH3QKAeffW6j9e0iwQOKaDOp3lw60
content-encoding: gzip
x-content-type-options: nosniff
age: 2923
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:02 GMT
server
etag: W/"a7df0f0ef15ca3403202819087bb63cf"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: USD85pZpadnmrWuYebj3HLiFnI7VXv_ZFhZenp_GsuCY2ox7tdcZbQ==

GET
H2 200 a3ddada328c75c5647b2.js Show response
dashboard.sezzle.com/customer/ 15 KB
6 KB 72ms
48ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a3ddada328c75c5647b2.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

e595ef84d0997114bc7ea75b54c62ddd82635c817a73a783e8636a3d384a23e9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: JGJbmHQ7C2xznNTQLqlumhJThYGZexBj
content-encoding: gzip
x-content-type-options: nosniff
age: 2923
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:07 GMT
server
etag: W/"31a441aa6d1ccd981fb525b514595930"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: yf0Uuy2gb0NOnyW9LxIvCUm3gexWVQN2M-LCPWKfAEq5cTM69hHbOw==

GET
H2 200 92a3aeeebf8c92dfc378.js Show response
dashboard.sezzle.com/customer/ 85 KB
18 KB 75ms
52ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/92a3aeeebf8c92dfc378.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

a9400c004f5cea56b173d2f17493d9eddddad50eb75b29593989c66e80fedc81

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 1lPzUMBTehf95xHJLIW7.4Dm_uE4VLGG
content-encoding: gzip
x-content-type-options: nosniff
age: 2923
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:06 GMT
server
etag: W/"f2a02ee83e9038f4500757933032f0e7"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: IuN_0DLOSQHGW_DGrgf2HwtvILHmcvyvEH1Abfm7_QE-o3PMc8BSZg==

GET
H2 200 9310bc5ec8ebbc732e91.js Show response
dashboard.sezzle.com/customer/ 89 KB
17 KB 77ms
53ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9310bc5ec8ebbc732e91.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

9f4aaf906fcb6d51837e379cc5186b70a247110ad332b4a847f2a16f136b9ad8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: tTuv.jiWxWN4DSm8Ribh6zFssbJnBdPh
content-encoding: gzip
x-content-type-options: nosniff
age: 2923
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:06 GMT
server
etag: W/"98fe74e23020ee1ff174c3f4ccd2d7d6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: YRQTB78xuJN3PvCpI2P3SbxT08lBtbCfba02Zr-AsX6jX0N1LRyGRA==

GET
H2 200 904e4e29fa0eacca7ec5.js Show response
dashboard.sezzle.com/customer/ 54 KB
12 KB 100ms
77ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/904e4e29fa0eacca7ec5.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

a1140de8dddf7579e2283c4f3cdbdbc809766b50e2ccdbeba309e9eea3366e45

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: mIhUliiisMAbMdNWi3UbQnDydI5NgFCu
content-encoding: gzip
x-content-type-options: nosniff
age: 2923
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:06 GMT
server
etag: W/"042927f60399a1e9f93964cfff5f17f3"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Cm2Pu1zeUjuncMbXiskJCbRmrIiYRQSFsOh6vOTg-4X_44r5VtDLDQ==

GET
H2 200 67282b729141adb57f6e.js Show response
dashboard.sezzle.com/customer/ 98 KB
19 KB 114ms
91ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/67282b729141adb57f6e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

8f75623c7a7b40c5f87fea61a2a22822f6be0a3ce280259e5f65038f001b5afa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 12qQV3wtASALJ0Pz9pBUBXF5DWAUT9Si
content-encoding: gzip
x-content-type-options: nosniff
age: 2923
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:03 GMT
server
etag: W/"33dbd6cf5c38aca0b7e2b675a768b331"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: RQc_SGmD8ySJYszlzN1as3xJjiYQA9M6MkfHBrZcOcYkS7vybxWwFQ==

GET
H2 200 a76425ace83c87980c51.js Show response
dashboard.sezzle.com/customer/ 14 KB
4 KB 103ms
80ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a76425ace83c87980c51.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

67fc947ed9ee59a0376d14e79bb1b3c2c87a39208540c6b6e0f5828286c90321

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: A1QVZjgXq70npEW07ukMPLC.TwMFmvpr
content-encoding: gzip
x-content-type-options: nosniff
age: 2923
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:08 GMT
server
etag: W/"13d28fd11a47ceded7a36141b0a3041a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: vQzCobOzz31pcde_lv1p3V1z1FjYNxjZTQyw2TGd3yMSdmakSn5SKQ==

GET
H2 200 676173b228e59ffaff8b.js Show response
dashboard.sezzle.com/customer/ 39 KB
9 KB 115ms
92ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/676173b228e59ffaff8b.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

09d0829c8f1e4735fca774f572d71ebf4d86388eb2232775465b3b0bbd4a8da0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: YVY8ON2dyhWR_TepUpei_XcGB9JeAz2a
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:03 GMT
server
etag: W/"b86d5ee0dc03da073709f86375644a71"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: twq3TY-BFup0umHa-MqI68iRHpLwz5CNC8Qc0X0BsJmJFN26-Fho4g==

GET
H2 200 fd1b9154a45a99012f9b.js Show response
dashboard.sezzle.com/customer/ 10 KB
4 KB 117ms
94ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/fd1b9154a45a99012f9b.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

06a4a3516beb220a8dfe46cd20f0e6f069776b9209ac9d64f850820718ad076c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: tDSehpLbFiXaqDGx5rLdgGHWplvNnlbn
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:11 GMT
server
etag: W/"fc2e8b66623fcb3f1b61449179dc3a68"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 0hi4_0fTOlfE3TiYP87L8jQmSg6lWAROTlXmrdeh46vjzuxhpwlJVQ==

GET
H2 200 2d90d6720311cedc23c7.js Show response
dashboard.sezzle.com/customer/ 61 KB
25 KB 105ms
83ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/2d90d6720311cedc23c7.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

6c7dca6d52e3f77ba9da0918ed1f7c3fe25b695e5df6ce2a62964ffc18074d4b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: yEYfyoWinbkrKxpapbyJQ1oH9QTe.ddK
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:59 GMT
server
etag: W/"c880f56a7db373071dfc5d2fc102a3fd"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: v0aMealHxOhTpEDchEjF9C50JImVZranm7qI2z3APPrvuMMoYs4QDQ==

GET
H2 200 fff73adecde4896fec7a.js Show response
dashboard.sezzle.com/customer/ 67 KB
24 KB 101ms
79ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/fff73adecde4896fec7a.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

f59dbff4fa2ae6c7370f7bf8f33a9965105e69bc2ee82fee119b506ea9205b1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: El4d7x2Q58_2.IUSJ5vqBoe.cqslgL4P
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:20 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:11 GMT
server
etag: W/"ce039d41ca38211abe3f21ce3111e725"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: XyXKjTpTrDap5sLYAQ12jagQLaThO5GHdxDpalAJ2kpDcSwxmywfdw==

GET
H2 200 61b009d6c0f9b28fabf9.js Show response
dashboard.sezzle.com/customer/ 27 KB
12 KB 125ms
103ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/61b009d6c0f9b28fabf9.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

56495fd469fe40eb081bbd3cffffaf2534e3fa98428b4ffc071b4ba3c293a544

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: WZzvIfXV8MQTrHSVmIJ5nhZ7eLKxsL8O
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:03 GMT
server
etag: W/"99bd7f8d0cbd6c062ce7597519b6e609"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 0rJvgtqMaX-klatIHQ38IMbXbVwFKMa51HHQiKEO2sjHNqryrm5ECQ==

GET
H2 200 05ead7aad2631eee6864.js Show response
dashboard.sezzle.com/customer/ 2 KB
3 KB 170ms
148ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/05ead7aad2631eee6864.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

caf8da20dd2adcaa11d6cb880b6dbe72efd3a42998ed6fb670353badd3cda187

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: pxb7fMgPYYl6ZfXSnpPJCi_t_bk_cYbn
content-encoding: gzip
x-content-type-options: nosniff
age: 635
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 19:29:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:55 GMT
server
etag: W/"abb7ecf9060a098e64c821178ab644a2"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: dFy3B7LGNoDcUWk9nGP_imbcCBluSRB8l1zn_5VKcX3V4NARC96zQw==

GET
H2 200 4e2675f5e77d4ee4fcb1.js Show response
dashboard.sezzle.com/customer/ 122 KB
33 KB 103ms
81ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4e2675f5e77d4ee4fcb1.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

a7ba73ee0b023676903685f612e52582b51252a4a7a1c8f9d03b013926655185

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 1hWs7GouFI1QdHFo8NBMGAbfd1iIHn_x
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:02 GMT
server
etag: W/"b6f1373d38924d57c0e85fabb0b064c8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: urk2wGEDZdfjwndl15_d9Dw01n8S3LNMNs7fF3DAhbEO1q3THgPxAw==

GET
H2 200 31f9ddcbcaa894b6b8df.js Show response
dashboard.sezzle.com/customer/ 49 KB
9 KB 120ms
98ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/31f9ddcbcaa894b6b8df.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

7ee3dd3b6c64183225b852cf702bf91f8f2e1c86b2f0a4ee5f6c8d59650fdfcb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: y_.ozaiKoIQaZVv4qjkdwrcpggP1emaN
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:59 GMT
server
etag: W/"0c8346003b354f4a41aa2c7cc2a0d060"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: bRNXoYkFAojwWgcSB_UZrtKZv42PV-a4-4eOFe9TSjKeUG8SE-3wdQ==

GET
H2 200 c1c710a0506855683876.js Show response
dashboard.sezzle.com/customer/ 12 KB
7 KB 106ms
85ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/c1c710a0506855683876.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

39f5ba0634621ed74d8813a3a09e722eee8c594fd0f143e226d5fd580cb7c2a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: A1BuD9NCU6yX00zIddBhdO.Z3InvG8t1
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:09 GMT
server
etag: W/"2703e1fa36db74b734e4af3af6dd0d1e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: yn87G9nsKgeVf6-_dGbO0Zf0e5M_pgOkDW81qK8xhLF7cyZYSbb_Fw==

GET
H2 200 2eac53581d368388055e.js Show response
dashboard.sezzle.com/customer/ 31 KB
10 KB 116ms
95ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/2eac53581d368388055e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

3230f327083173b54fdd0553bea0f9c8725302a56cf3607feab3457d426acb1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 0xYLSqGjETN8ArNBoOQMQcz5ESlbGL0Y
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:59 GMT
server
etag: W/"4107ce98f0f556ee9e93589c162724b4"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: GxyGXR0BacNoTurJXv-vI_zIgche6k_wblC_ySaYn7jnJfpHRaT0gA==

GET
H2 200 4be103f4378242108457.js Show response
dashboard.sezzle.com/customer/ 178 KB
36 KB 179ms
158ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4be103f4378242108457.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

5d6b8ae4f1b7f5b1d3733bba32609481ff510dea54306e5e8f5ae1afe7321e43

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: EpSwSKAYaeOlWsw9j3EOG5JDqCsjlLSi
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:01 GMT
server
etag: W/"a1bb0549916b76bc8a12ba9a8a5f64b2"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: etBL2OC4ViOjFCwYnLpzxGSW_IKWsuA1gHxKHakQ-IMCHHa6wJgZQw==

GET
H2 200 1b61a040635a4eb3dc70.js Show response
dashboard.sezzle.com/customer/ 126 KB
24 KB 107ms
86ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1b61a040635a4eb3dc70.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

a2bc52b0f103165a5aa516b2fb3d355b68a4584f606d48207c5f9867c0549ad1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: fegH.2AKMTiDTb4EFOSKnQCvt8hfBa1f
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:57 GMT
server
etag: W/"6b09e63bee0adb2bb8cb43c74ffee923"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: e1An2NDmS-ZScHIJ2GgQwZU9nUSVB63F5GDT2l7C5E2HKR0IAk60qQ==

GET
H2 200 be8b6159ac3d10f49821.js Show response
dashboard.sezzle.com/customer/ 29 KB
10 KB 115ms
94ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/be8b6159ac3d10f49821.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

5305aaae3a8167077c0cc9a27297eab8d9de96608e504603381adf766da79b91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: UnhS4MX13tZUjLvFGOxU.9z8R7X6vI_b
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:08 GMT
server
etag: W/"72e89408d71d11ee5aa53066c450b91f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: MMYKI85bVuyN4IxN5UXfe_wWA0MpMumpnJhD_IMotcbvAwm3HXCysQ==

GET
H2 200 a2d6b06309ff97f1b09a.js Show response
dashboard.sezzle.com/customer/ 42 KB
15 KB 109ms
88ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a2d6b06309ff97f1b09a.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

f2634c29e0db95a05c8d14971a8ee1ec6604694c0b095244ac34fdf2342cf98d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: EgV5JsrDzd2hJAnwbInNueyQvc4CZaRr
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:07 GMT
server
etag: W/"860226941b8bc9b47fcc06761ff3a647"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: FPVVk8iPUp-fOc9pS4tU9ABTqUqEte4xttRpFkb0KXJf99aood83Lg==

GET
H2 200 a1240ba5aef27b1e37c7.js Show response
dashboard.sezzle.com/customer/ 19 KB
7 KB 108ms
87ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a1240ba5aef27b1e37c7.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

2874ff82fd35a93853e9c47ff33f01ac5d025bf9aca9d55e22699d3313fb7854

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: iyB.Je2bdEN54okBfKNDE4rlQv12vLMV
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:07 GMT
server
etag: W/"c5856a9be4e046668223467af5bd0346"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: z_mwtrFPQH-OG87kLlVkL2OuwCjZobzbP_dE4goFDN9Kk8_sl0jbFQ==

GET
H2 200 a01e61dda71b41a083d6.js Show response
dashboard.sezzle.com/customer/ 252 KB
60 KB 117ms
97ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a01e61dda71b41a083d6.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

c43f7f438447b69d0fc0d95d932d29567cd29a40c44e6a8985c3c5e41359ec11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: EtkBkYSoo4YdiwOmLDxPwubLlENOiFNL
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:07 GMT
server
etag: W/"157965f635552b6f89d64f98e153e3a8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 2LqkcvlLoHCcbOXulLEEdyVEWR5o4Hz4IukLrEuPIllU9A3YOF-3_w==

GET
H2 200 2bca0aeb1e26f9b57f76.js Show response
dashboard.sezzle.com/customer/ 52 KB
15 KB 168ms
149ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/2bca0aeb1e26f9b57f76.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

db086022e0cb0bfafe95312964939ffc4b189062ca7a5e67d9123a180adcfcb8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: R2Gum33JK4max49kbzmdZAPTj188dFas
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:58 GMT
server
etag: W/"6c5a900c87588722f1056f6527843f1b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 1A-std3fPb_a8WnpnZjWL6ES5-QjRXtuP6UuUh5ctufWWEt1OM1dDg==

GET
H2 200 fe810c055393670549c6.js Show response
dashboard.sezzle.com/customer/ 6 KB
4 KB 108ms
88ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/fe810c055393670549c6.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

c27ba18d7c612c4bca30ae8877cf35f6ac94cac8ec5d927170f2f185f5fa557f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: pF3WdO7NpHZFMRkfQv9hlmX8teyhT5Dv
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:11 GMT
server
etag: W/"dee404c77138add074a1cebe5a0ae1f1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 3O35kCyfQJoUmnrHlPF3QlThTEj3CZSxVIwAHRQmqtX7tmtwbKeE_Q==

GET
H2 200 afd0da8598a0ffbb8ddb.js Show response
dashboard.sezzle.com/customer/ 13 KB
5 KB 169ms
149ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/afd0da8598a0ffbb8ddb.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

5cc50534d2c6f552bdc9b2d131eb35def188bf4509b9090bd7465703024b4f4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: DQKnlw._4l6j.85FV5zMq3kvPBvJ09t5
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:08 GMT
server
etag: W/"7b6f844a2c529c80136e95b96700d910"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: uTZ-bzsTPWDOk7RXiYT8c8zxj2HoE2Hq1t_D4W1N3h0LwQeFhdNgvg==

GET
H2 200 e2d314616a841b21095d.js Show response
dashboard.sezzle.com/customer/ 42 KB
12 KB 118ms
99ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e2d314616a841b21095d.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

c5c9c2246fe20b955805e8c380082bdb8663625e734a043af930b3e562991c33

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: iSFU98_zprZBu0XQNIOaduxmgupqnptg
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:10 GMT
server
etag: W/"f58ea809e682acf8298ed4fdd26982f1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Mrr2qxxDgbKUql0VyKNrUrlstTV7DKWvet7GxaATKfPSSJ_rrZQb1w==

GET
H2 200 81e4230a2583954b2f66.js Show response
dashboard.sezzle.com/customer/ 100 KB
21 KB 108ms
89ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/81e4230a2583954b2f66.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

d3ec38880e1d4c155e50155d6be97de1ebe52d06d9deacb46ee24f3631da7e33

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: C9T5gFSF8M.KzeNSzDUlWMsnOzEXWYVB
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:05 GMT
server
etag: W/"7c26f4984b336e7adc4642a2ce9f3778"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: RRkDkXBtQ_iuIdgCNVuiC0DuNnXn1gS26rDihD-caOXI3XIuOSFYww==

GET
H2 200 bc07dd243eabd3a4f13b.js Show response
dashboard.sezzle.com/customer/ 13 KB
5 KB 109ms
90ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/bc07dd243eabd3a4f13b.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

3c133993fa1d55fcf049df50f4029fdf0894e023a81fbbffd415e2c26b704ef3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 7J0B9S465fEGQc9lmtboASET49hvm3.F
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:08 GMT
server
etag: W/"154a80061cbdad47228a7db64bf8405b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ADK1Sz3SO2GCceQPMe3c8uqMhgchuDH_wbNx0SIVTw-XDj12aoLVjw==

GET
H2 200 7836296756d3e418e9e1.js Show response
dashboard.sezzle.com/customer/ 9 KB
5 KB 170ms
151ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7836296756d3e418e9e1.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

02b765124c05d1549800be151e11a8176d3be91cde2156a34ead7898db646ec8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: Y3.uETEaU5RzJGDQ7nADB7cBXHbrx1eG
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:04 GMT
server
etag: W/"798da5e6b8506760524963dff9e28f5f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 6NKb__44ttW3t0iCASTrIE344qwXalzACiH8Hq4PLOCxfxpq-DfYzg==

GET
H2 200 e43e3b9f3c3a43e0e45e.js Show response
dashboard.sezzle.com/customer/ 97 KB
22 KB 168ms
150ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e43e3b9f3c3a43e0e45e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

a88354dca1209536939811baf648769d736f6acf82bcd67b4656cc91b7f3bcc8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: WS9Mot3Tf68gFW9pyl.0AUHAB48OfA0i
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:10 GMT
server
etag: W/"2dab2643a77e842889140600d079a19c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: le1nhNoEoVngYSNCYSV3rS3xLzR0cwZSz1T7SMuWIrogfPZBDcsaGQ==

GET
H2 200 3a13fb6cde16690a7ce5.js Show response
dashboard.sezzle.com/customer/ 111 KB
23 KB 126ms
107ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3a13fb6cde16690a7ce5.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

6c09308e52045f50e04a9d02ae3167a9dc3682c195ced511dfdab7f4fa71d4fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: ZnHmzIAs1RVw9Rjv9g7QOhi3RH3m9cfF
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:00 GMT
server
etag: W/"31f50348b35ace44b2d3afd94ac8d4e5"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: kXsoaEduVN2Gt7BBieDVjvU3XynvLb4BCPbxM3m2G-i8dLl3z7HPvQ==

GET
H2 200 f69053ba9763e5470afd.js Show response
dashboard.sezzle.com/customer/ 45 KB
14 KB 136ms
118ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/f69053ba9763e5470afd.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

e3e1ffd506c4ca5d42290e3a5cdea40b93198b1a7b02b8f9c02ec971cc25c738

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: amxzD.BzWyILHWu4t1eAuW25080C1u3O
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:11 GMT
server
etag: W/"fea925a6aacc9d8118950e52bdc70b5d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: aPvZ67aTAAzLreSo3rPNqGdK9nZ4D9_MAh6QCyco6YhbT1gXz0zb9A==

GET
H2 200 bf8f40f87393e0b74518.js Show response
dashboard.sezzle.com/customer/ 102 KB
37 KB 110ms
91ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/bf8f40f87393e0b74518.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

3fdf1610adbc4accd9d073e7433526c2f9ffc92abc3d5283f374834fd4cd7c45

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: kuzan3VmK5B0J6NkLzInt6Kjw_NO78dh
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:08 GMT
server
etag: W/"bf851077346cb7d0a36ed06f74fd3cc5"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: H3-2jNTIPOTFs2eGfpISTnjDyOzGDqifzJPTUwtNCQBQfTcA3AqXJw==

GET
H2 200 01f6724fa30914f52338.js Show response
dashboard.sezzle.com/customer/ 41 KB
17 KB 135ms
117ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/01f6724fa30914f52338.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

0d329a63809e72cb02be9bfdfdebadbb9e6ca8435a7b4fda8d9e98619bedb5cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: lHZFyC7tRt0yuX0vd1R1Knb0yQuZaBym
content-encoding: gzip
x-content-type-options: nosniff
age: 633
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 19:29:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:55 GMT
server
etag: W/"6bb51d14f6fb68a7de1ac04986ffc8af"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Ntlm6jsG0D9CWcRRTpCD7vJ-rdxS6sXAiiBx_J-_ZgOf--J9l8CfUQ==

GET
H2 200 c210d78391f1a884c291.js Show response
dashboard.sezzle.com/customer/ 34 KB
13 KB 166ms
148ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/c210d78391f1a884c291.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

9a02d91fed7d1b6229b095bc4a80ee4c9af9d7cf4e77f9920a3c4be6c1f9cd47

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: jPYRV6uroQ11Hcv.OP9AQiUrB9fOsVFO
content-encoding: gzip
x-content-type-options: nosniff
age: 633
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 19:29:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:09 GMT
server
etag: W/"e325c92579f2fb50031c6fc3d877b9c5"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: aXZTXBuXy2ebADtgYMpSQ01kj--bzTkG5B9ZNQtaZ-8NttLjJBkaOA==

GET
H2 200 5cea50a1e588c5c23f6a.js Show response
dashboard.sezzle.com/customer/ 84 KB
19 KB 111ms
93ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5cea50a1e588c5c23f6a.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

30a45e74f8f90d09853e72aac6d92021f75df8f9844d49d5805255b895e3238e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: NoX06Mpw1_JPIDb.z6bq0vxw2mazzJLo
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:03 GMT
server
etag: W/"e353b6ca71a861329911d6efa0c7d360"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ZVW9kLVnQDIbsjZfda0Rin55YfLRWyOewwUMhxFCULnS-Z3Gj3p70A==

GET
H2 200 2c254c862d03eaca42ea.js Show response
dashboard.sezzle.com/customer/ 5 KB
4 KB 146ms
128ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/2c254c862d03eaca42ea.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

badc476f290efa1588b6d34d18cba43214487bdae4f0a1b6f4f65b83359ce948

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: CkvPw_fHqEkhUD9uJwIAV7gMsF.E85jN
content-encoding: gzip
x-content-type-options: nosniff
age: 633
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 19:29:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:59 GMT
server
etag: W/"d5185bc3591e96538538b526ee157587"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: UQzWKrW5nI27Mk1Npt52eL0D4-j2Yk7zhgKvu9Kn8hEv-JiyYyDcrw==

GET
H2 200 5dbc2056e17630ab8129.js Show response
dashboard.sezzle.com/customer/ 112 KB
31 KB 169ms
151ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5dbc2056e17630ab8129.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

6579d23302aa1fa5cf46115ce0903aeee261e64ec20ffdb2b1f6ab2ad0b0d3e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: VHVUdh1QMYv9KttGakgY.Fib57w28pcr
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:03 GMT
server
etag: W/"ae7fb534fffc408e573717dfdbdb133b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: z8RLcViuN9RCGw5UaPdaAi1PyTLjVmlmVXtJkTXX7i2j7kMGy87ShA==

GET
H2 200 5e1ae996782df02c6556.js Show response
dashboard.sezzle.com/customer/ 19 KB
8 KB 164ms
147ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5e1ae996782df02c6556.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

0275081115b0ebc8f125f2254abb12cf10ff6e5505a2567829dc3118810357eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: hvVyZeZ2CB2ywJqYu5imu_L0Rwkbu1p_
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:03 GMT
server
etag: W/"4ca5595d0b8068d34b0d3dcd76b3015c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 8NqGITukruts41vfdboCBkpCwSviVJ5r9RYtnWTRWq_2TRgmeQaSpg==

GET
H2 200 88029a87f759789d335f.js Show response
dashboard.sezzle.com/customer/ 9 KB
4 KB 127ms
109ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/88029a87f759789d335f.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

fa014788b4375e3e3657c15713e45e2a583d07ccd80bf7111238b4da4ffeabd1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: uq4Jp24fMg6cXU1PMkuyluyR1vbMeobk
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:06 GMT
server
etag: W/"663441201d210d20e6ec66c911667fcd"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 9mVVZ6E3OgQOHezkkqIbxDJCe2B8fmYnJSn6imA213z-UJDV1Nbm-Q==

GET
H2 200 d613cc6573d0b18bea58.js Show response
dashboard.sezzle.com/customer/ 59 KB
21 KB 132ms
115ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d613cc6573d0b18bea58.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

997202b5155b8f17b5a551e2480031890f295b1b1fe88caa33e82e0271cdf6e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: c2h7Ifuz0lJDoGRF06SG9YYtvBChRVbx
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:10 GMT
server
etag: W/"19f37b91766439e2edad9fc747509e2d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: hDLFV9BMp6qPpnwq1ZueiJbg9TadlFOd63Tvp6ZY6qON9x9i2MKRMQ==

GET
H2 200 c707bbbdb64dfaa3f851.js Show response
dashboard.sezzle.com/customer/ 36 KB
13 KB 169ms
152ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/c707bbbdb64dfaa3f851.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

39492b6fcaa54dac72035a607cebf2cf9d37506692c1e12a703adee40744edfd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: lxEIN7PNoSB8ZzITnkHeFkvtdwsxL9Un
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:09 GMT
server
etag: W/"3e24f90d0d665d9f2f27dc866fa01c36"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: kTszqt8U0cCRmp675U1lFLTiqozwRP4rpQGsNT_HUfFWKTKOUty_rA==

GET
H2 200 12e279036cf0ddcaa8f0.js Show response
dashboard.sezzle.com/customer/ 49 KB
14 KB 170ms
153ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/12e279036cf0ddcaa8f0.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

c0cbc9bf1b8a07fdfaf803c1ea0fd8ba4602c58eb3de6d23410d41b3b3814c4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: xP5RqT2gfbQ5VAUg2u_nCxFSY0ep1__Y
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:56 GMT
server
etag: W/"1ac22b8d30a05c9e4edcb764993cc198"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: PqlkUXmws339QZg1E3F38zvecnZONz8jIqxcfvm4D3JyZQkGcWUCWQ==

GET
H2 200 eb98799382973518fc37.js Show response
dashboard.sezzle.com/customer/ 67 KB
20 KB 113ms
96ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/eb98799382973518fc37.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

dc32df24e5cd0cd3a47fb3776ec7eb84b31fd7bc28b1f7bb5240af646c56956b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: lv66wHrniMus8uYUu1qqUiCJj22UjwTF
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:10 GMT
server
etag: W/"b6106d5c7c8f7b0a954158c86535f1e4"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: oH_ZSTZHBsje407KaeTICUZP-GOXHsuP1t7DmQXOb1HmcbHl4CbTnQ==

GET
H2 200 f01da759af908742b530.js Show response
dashboard.sezzle.com/customer/ 36 KB
14 KB 170ms
154ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/f01da759af908742b530.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

fe2ddd6430b01428063f6923a396392fdc93447073619d855f4dc4ff0087ed29

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: bt95JzCF.7P3QjhSPWzirncqI_9fSuxq
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:10 GMT
server
etag: W/"c57fad258c6b6e0ad5de53ec22b481fa"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: LYWooFOAHiENkEm97ClLhRzeeGZStGrSoD4b_0cZ-0g2PCA-DdcNjg==

GET
H2 200 d1e53af31269d60f1e07.js Show response
dashboard.sezzle.com/customer/ 66 KB
20 KB 121ms
104ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d1e53af31269d60f1e07.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

c90e217a6294eb8663ebf9e85d7554f036df29a67551d13356d8b4430d3fed24

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: wpEA.lQIhPurjM.ty3f7eENtcvAWqmNE
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:09 GMT
server
etag: W/"fe58ba324452e1d48d36de8d931f26fc"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: OcdwgUp3MvPoenWcrVL2qR2ma92obtJTzsZmXb_MPGdHjAiIYICJcQ==

GET
H2 200 a37cea8fdb1608216a61.js Show response
dashboard.sezzle.com/customer/ 69 KB
19 KB 128ms
112ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a37cea8fdb1608216a61.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

ec10d198bd5a2a6320c7b1d8996446f408eaa9a425546536dae01b325860c084

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: IIfp76ae1oOmknh6v6oLdoB1THWjrmC.
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:07 GMT
server
etag: W/"34748364b5b27d409e39f612c3b76622"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ZQ3iWdBR0Dwlk_N9nU4geJlxf9kzab6T64AVbhBoWzbljJl2BIiZ3Q==

GET
H2 200 2c50c9bdae2fa37b1d77.js Show response
dashboard.sezzle.com/customer/ 41 KB
11 KB 124ms
108ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/2c50c9bdae2fa37b1d77.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

1355ed601cbb008bc04077a18ae189d63c726d74f7e89f8df58d836db39843f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: Rtl.a8TKv0q0wRwF1C_K2fOfM1.xDAaD
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:59 GMT
server
etag: W/"49b65a1a8af99124bc2f267af17361cb"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: VrSd8XEDogGSfS5WpKw8Jh4lIF0HEqG9a1VrXfLPiTS0BaMj5iDeuQ==

GET
H2 200 d58d5d728978df3d9aff.js Show response
dashboard.sezzle.com/customer/ 88 KB
22 KB 170ms
154ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d58d5d728978df3d9aff.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

e118a32ab33632807692ee903bcf8c467206d68373844d7433a02622d38cf825

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 4KDTAO70nJe0seGeEe8hg3OjUNccsrMr
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:10 GMT
server
etag: W/"b9c372f45a2754c9ec42ce70a843c858"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 3U2Y3-YP0kvhdKglzYtV9oVkuIqjT7gY5-WRDhAQvpWT5x8YO_r-Ag==

GET
H2 200 55a2f60f4d590c0bf5af.js Show response
dashboard.sezzle.com/customer/ 199 KB
40 KB 116ms
100ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/55a2f60f4d590c0bf5af.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

b534de94378851860ffae1ab94fc2bbb1ed374bdc4a99d635b043c9badda9a52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 2oZYIvGfFAV_eO4B_ubSpqrfrf99o8uw
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:02 GMT
server
etag: W/"3018611b32c99e7f59094dbed9414edd"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: v37xDMf59WyYFzqFhmQ06dA4JhoWDI8cz5-zf_2-ExMYVaRROnRRwA==

GET
H2 200 3992bad7a7e9d4eff2f0.js Show response
dashboard.sezzle.com/customer/ 84 KB
21 KB 117ms
101ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3992bad7a7e9d4eff2f0.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

76241f4423016893e64d057aee68869beb1b053e58c5bb1fb6d971ddcd660071

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: mmzqeI_dUKj6H4jWCUkDmkcO2rYl9C5Y
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:00 GMT
server
etag: W/"074dd77484b41c7377c93d7648caf449"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: XOiavTHZbxI1oLgryG0YFu2M3p9r3fyTuINvEMyOc57p4bFfgv9fOQ==

GET
H2 200 5b656516976b3db93b04.js Show response
dashboard.sezzle.com/customer/ 18 KB
8 KB 122ms
106ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5b656516976b3db93b04.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

f27db8853d89cc5e26f09104092abfa99af8b98bd284f0b771de2067920a6faa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: d.gAQ1SRrFUln8fg30Gd60cO7OP1c6u5
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:03 GMT
server
etag: W/"d02b8dcbcae968bfb6f1178de8df8e01"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: i3V8sH__J55MJmvnYWdIizrAfnQpLy44nK8gtGBqqEJc8j_GAZGCPA==

GET
H2 200 f0896e69d989db48c792.js Show response
dashboard.sezzle.com/customer/ 16 KB
7 KB 117ms
102ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/f0896e69d989db48c792.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

c22ca97eba1179e35d560b5916291f94342f53b8c4960c3d4b7e38c9f5bfe7ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: Dubu98lE2rj33QOhzImiQkuioos7THAw
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:10 GMT
server
etag: W/"aa795dbb7db9e59f8e915f5c4674d55f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ibRnkS9Hu_X2P8QcZ3WecT5Fxc5f7iLS3aHzPJR2xZbhAaT26mx-gA==

GET
H2 200 aba2ae3e16c772a9efc8.js Show response
dashboard.sezzle.com/customer/ 39 KB
13 KB 120ms
105ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/aba2ae3e16c772a9efc8.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

72bd7c95a20e97ee7d236f202facc16695a4e544be46658ba74ac6c98d8b2031

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: corOiYHi9upHDBJaBAX3KEFaHiUrj74u
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:08 GMT
server
etag: W/"eb28e47251800f3bde96f2d25b4ab1e5"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: SXxVPKVS36GVk4vM1q7MlHAYNx82l-jZIyulaaLfBzwp3sU2uW6lDg==

GET
H2 200 d09ec97872274f88108e.js Show response
dashboard.sezzle.com/customer/ 55 KB
16 KB 170ms
155ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d09ec97872274f88108e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

3b57968e5b7025726b4b52dacc2405bb99b68a21d50e7d204be62a346c02646f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: rdmmw2t9kTnZL.QFOvrgiORb7G1.swtZ
content-encoding: gzip
x-content-type-options: nosniff
age: 2922
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:09 GMT
server
etag: W/"cc82381a32fde572f7a7f20d330865a6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 3Pa34s3P88B6l-xoAYc_XODakGoGJFlSPzDPNU5i9i3K-PdHFafc6w==

GET
H2 200 27161548589252d7477b.js Show response
dashboard.sezzle.com/customer/ 98 KB
20 KB 187ms
172ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/27161548589252d7477b.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

5e105ff3de96d740e37cbcca0c405321678f011427bb219b5624674aa251151e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: UNqOk1qRo_r35oRMPp2yydoi_CcVrLfU
content-encoding: gzip
x-content-type-options: nosniff
age: 2921
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:58 GMT
server
etag: W/"a4d4f9068152155c73f360313502c21a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ukpIo8Lrvntfn89nPLi94OvDwaMcDAZNPnUedDJikdk4xo89WWzkJA==

GET
H2 200 43e0001c7a30010f5af1.js Show response
dashboard.sezzle.com/customer/ 30 KB
8 KB 171ms
156ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/43e0001c7a30010f5af1.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

319264e23a2f4de1c31be28ed5d9524e35012f24fa80fc81815ec387883a72ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 4kQ5qXtpvkQHxDVGeaufeH6Y8P4oF2a7
content-encoding: gzip
x-content-type-options: nosniff
age: 2921
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:00 GMT
server
etag: W/"a694c45110ed1594d059a62f7b562c9d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: sESpwlwa0JL7E4xfc3eDzbzpoA7i6asYmCXo80dRR29817hUV9wjLQ==

GET
H2 200 cfff863facb670e689bb.js Show response
dashboard.sezzle.com/customer/ 23 KB
11 KB 171ms
157ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/cfff863facb670e689bb.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

1bc1996e9ae553a563d862ac5461e8b1bf5ba1a549a25ff6285d05e812e55fa7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: ILa33IdTxWRAaSKKCAQQfPWaRvBteK7M
content-encoding: gzip
x-content-type-options: nosniff
age: 2921
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:09 GMT
server
etag: W/"659740aa839f3c4a1e6e479bd5150eff"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Oegf_yGWmmfKqQhoHhQt00hLtjfdwy3K6G5aBa2JzZZ-QXPG_6xfRw==

GET
H2 200 d3839c4d3a5dab745817.js Show response
dashboard.sezzle.com/customer/ 23 KB
9 KB 125ms
110ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d3839c4d3a5dab745817.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

07d90a55978a1ee29dffcf12a7fed9dd0f589b86f56041c32ad454eddf4cd16e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: qndk_nU7w0Rm23eaCw3ZzPipgKJ2h6Hh
content-encoding: gzip
x-content-type-options: nosniff
age: 2921
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:09 GMT
server
etag: W/"75ce876182469029b0f71cdd437973af"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: I7zUMwKK3kOCZkezvFYLswp1oJHQ_hP4ke12V1foWoqQwcp5-rpvlA==

GET
H2 200 f63216dd807cba505232.js Show response
dashboard.sezzle.com/customer/ 16 KB
6 KB 173ms
159ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/f63216dd807cba505232.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

e4c5459d819a43cb932eaf1340a87a5fb84c2f8ead7cf64648453f70790efb31

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: b5P.j.5a43iaKe8CFDoL1leq5FAndOO3
content-encoding: gzip
x-content-type-options: nosniff
age: 2921
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:11 GMT
server
etag: W/"e26722899836660b0077f03c5e408226"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: v6PcSJtqQJoju6_hd8DWLgVKO0cIkc3HzzbBdZLzazJtf1V4JwklXQ==

GET
H2 200 be1f948f50ef302bebed.js Show response
dashboard.sezzle.com/customer/ 38 KB
14 KB 125ms
111ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/be1f948f50ef302bebed.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

217bbe61a30d8bed7453ec94816e327c7e14434d113ad52001625e5133e27916

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: ds78TCUZ.ETcXW.xhfRwXPUgh8F.UGFH
content-encoding: gzip
x-content-type-options: nosniff
age: 2921
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:08 GMT
server
etag: W/"c86f921aedb43047dea1a89569416fc5"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: aVuM88lOrAPNMJuOxG9gta78D0j4bp3ML-6GMbVnsQZtVAAudIqemQ==

GET
H2 200 1c68faeee74b3c00eac6.js Show response
dashboard.sezzle.com/customer/ 16 KB
7 KB 173ms
159ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1c68faeee74b3c00eac6.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

06be02d32c46931775ffff6b1d5f6258088d6b7e71f5b8135c9a8a477577ad9b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: Qqps1SPv2RGM15b2FtkNHBHvwKM6e5Jg
content-encoding: gzip
x-content-type-options: nosniff
age: 2921
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:57 GMT
server
etag: W/"b460b4f1f4f13c430daa9ad84f5d4d24"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Bzl2N6XVeAPIKN9T5ekq8COhLs6b44HRWCqnNhVhgIIpW5imh_NWQA==

GET
H2 200 8459de5904045a79c4a2.js Show response
dashboard.sezzle.com/customer/ 70 KB
11 KB 174ms
160ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8459de5904045a79c4a2.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

d6e0719cc49d3e6a4e86818ce11af40933c5c4cd9973226108899b958d3f138d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: NxNiAcGUKVCb5dd2JW.JcjI10wsOvCf6
content-encoding: gzip
x-content-type-options: nosniff
age: 2921
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:06 GMT
server
etag: W/"d7f97025b7e9bfd20df69a83403824f1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: i6fn7CyFH85T6NA1QBNsiFewO_0mewTtWqJqPLcfO-1VDeR1MDtw1g==

GET
H2 200 e900d36ff902c6e84ecf.js Show response
dashboard.sezzle.com/customer/ 40 KB
15 KB 126ms
113ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e900d36ff902c6e84ecf.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

f19fffab3ee90eca96e94bd6a7c295045f1ce8b03763797f301b3b84598020ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: GJllmpcCCROXO04QMHAUmkmu8KpFm_YA
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:10 GMT
server
etag: W/"35dbf6672d10b7bae7ea3fb8906ddaf1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: drw1ppV3H8wkLsbP99vneKWpIpzynKttMV-vWlDRAoffNnsITdwSag==

GET
H2 200 d4a2fb6d5e1c2d1a1279.js Show response
dashboard.sezzle.com/customer/ 77 KB
8 KB 201ms
187ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d4a2fb6d5e1c2d1a1279.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

7f77dc76a922ecdb55b085d1a6e7da778e76031a0e0ee558f191e428d3a76f56

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 5KY9Ha9XTy91eLOExwwJQzm3j1y4..10
content-encoding: gzip
x-content-type-options: nosniff
age: 2921
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:10 GMT
server
etag: W/"a7ae7bf4b694be5c8ad717c08faa411d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: p1aFWNEE-r7fmAbz4jkb27jjcb0o2tfKfjrAfOUcJ3kXEfe_Ni0DcQ==

GET
H2 200 9067e665b241a6359fd5.js Show response
dashboard.sezzle.com/customer/ 67 KB
21 KB 133ms
119ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9067e665b241a6359fd5.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

61700a2d3f137a6f8e93a340eaa75eac89b24186a831b69e82e5ed6d0e28000f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: awDbToT98WAEtnUwdi6sLAYrH2ve1De_
content-encoding: gzip
x-content-type-options: nosniff
age: 2920
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:06 GMT
server
etag: W/"7155cd9a043832073ff030c98dc4b227"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 7XH6Y6CAU2ypdNAXYIkOYhES61q-zZ11nOz9zOjHsq5KllkFi3gPmA==

GET
H2 200 eb66d145fae201bd9488.js Show response
dashboard.sezzle.com/customer/ 133 KB
42 KB 127ms
114ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/eb66d145fae201bd9488.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

8a6bec2e7c678155ea3b2db604ed2613ceddd3ca8ea5677d0e618a58f4ce9621

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: .MkoAwasGUbrLdgFiHso8NOO5wEsSag7
content-encoding: gzip
x-content-type-options: nosniff
age: 2920
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:10 GMT
server
etag: W/"32e65572eaf5f75f01ff169ec0bc406a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: KGA-sUltER-Pd3882IijWwnNOcwYEfeid-q1NvlS7wSIFYhTKKEptQ==

GET
H2 200 9e5202e3089d03775218.js Show response
dashboard.sezzle.com/customer/ 91 KB
16 KB 174ms
161ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9e5202e3089d03775218.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

a81b58837acba4e0e4d4d7ef7f40dfce45398f7a3964da1d8bcc435415cbba3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: PVG1UGNaa0yRCatdyADoIVC0H8KsYmJr
content-encoding: gzip
x-content-type-options: nosniff
age: 2920
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:07 GMT
server
etag: W/"45320728a5d8a3e39c1e5500e8daa1b0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: kl4Jy8zwIZGXmqzu5_q6ga8pOukAFcDOpYeYxDpM9bLurdzdd97K-g==

GET
H2 200 a09bdf8ba7a2b08f3fad.js Show response
dashboard.sezzle.com/customer/ 100 KB
40 KB 175ms
162ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a09bdf8ba7a2b08f3fad.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

ea9dcb64755b04886f9ac8b9562691f9eec1d2120a1f5ed27afee2f283a943f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: NNTBX.JyWT.8RRSBHOMkBICAlQQU6tmw
content-encoding: gzip
x-content-type-options: nosniff
age: 2920
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:07 GMT
server
etag: W/"db8da161a3bf9fa57c6345adaa5dca61"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: oRdG4vsNE13aFKC98js5qqSWafMkgebhTAvAQGh5eOf99pqd0LIzNQ==

GET
H2 200 074f65d852d2a443b8f7.js Show response
dashboard.sezzle.com/customer/ 172 KB
27 KB 129ms
116ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/074f65d852d2a443b8f7.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

dc9bf02f2d27bcba66e58a4b479288607675333ab107d8503fdd40df02e03337

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: T9VT7.VTLKkvVp2AmEP7s2tftBxaxfNj
content-encoding: gzip
x-content-type-options: nosniff
age: 2920
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:55 GMT
server
etag: W/"b89ed65e59da3d56bd479757ca110b4a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: bB3SxYSBRXIUVgssdNI5JEE9gXNMS7CdcwM6CEq5BzPRpfbJziMiSg==

GET
H2 200 fbde3cd0822783beb143.js Show response
dashboard.sezzle.com/customer/ 76 KB
29 KB 176ms
164ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/fbde3cd0822783beb143.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

ae0bed62b4fb523fb13faa0ff67810b563ddff986942582f7027c132cebee0b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: UcD85LoQ2qdsVZLSG.D9o2vW5FYzmUCv
content-encoding: gzip
x-content-type-options: nosniff
age: 2920
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:11 GMT
server
etag: W/"5866e604cd0dbdb402491f0d49518f01"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: OA_5dXCVXhT-EB3A1k4wnvQo2WCeygSYg4kOuMioAISqDY21LX4oXA==

GET
H2 200 6fcc898ed0448cc54b3f.js Show response
dashboard.sezzle.com/customer/ 19 KB
9 KB 178ms
166ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6fcc898ed0448cc54b3f.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

e8eefcf94f99953fe19ec48d301b71c2d80e4c308c617685cd3a7acab90453c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: KxxT5o48Tdd6coZhQvWeUt97ymyZaevL
content-encoding: gzip
x-content-type-options: nosniff
age: 2920
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:04 GMT
server
etag: W/"1cbf3a4091266b7746d918837a81da74"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: v2qMbTCtoVVi3zxQQL5Wvm5Wtbzp7NkIjt_umwfvv3oVioV_F7gYfQ==

GET
H2 200 74ee4b5d0b689f0ef576.js Show response
dashboard.sezzle.com/customer/ 18 KB
7 KB 192ms
180ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/74ee4b5d0b689f0ef576.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

8643c9e06437c2a87960338dbb506e26f6e6c3f56fefa04dc4e379a72f69afcc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: ZWwsh7F5bd..5feMNrv2NsGMAbQ_7sug
content-encoding: gzip
x-content-type-options: nosniff
age: 2920
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:04 GMT
server
etag: W/"d883e7b9b054bbc4fc5baeb0270cb1cf"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: afkY7CyIuKo5H_RBOx5GZ4UHFt1Ysh3GPrlCI0KAQZqUvi_Jvqg_Qg==

GET
H2 200 e30f7c5b4a4d15b029ad.js Show response
dashboard.sezzle.com/customer/ 20 KB
9 KB 131ms
119ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e30f7c5b4a4d15b029ad.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

56b0e6718f93c5249b985bc45a1ccc66554ab920d07dfe6a3c47c8b6791edec5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: grX.NDMFOH.hFU44ZKOtxwQNrRpnxppK
content-encoding: gzip
x-content-type-options: nosniff
age: 2919
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:10 GMT
server
etag: W/"010804df1f8ff31f2c00d895a573eb2d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: wOBE5XXXzinhgoLzRDFNqzQNPdkv7Q4ZxSpDWp34DTm7CIknydTiKw==

GET
H2 200 420f33f941e05ba05e9a.js Show response
dashboard.sezzle.com/customer/ 21 KB
9 KB 200ms
188ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/420f33f941e05ba05e9a.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

54d4c0a4361097c9e2aa32993c35d3e478255f81c79a1183eddc93290fb6ce7b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 8XzS1eYtK7HfZAMUaN8gpKRq.Pp45l9v
content-encoding: gzip
x-content-type-options: nosniff
age: 2919
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:00 GMT
server
etag: W/"99b550f5e39594eb4afef1e08b48fa51"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: pA2b5Q_EfpQ9Ij50WiXDF4aXZc7Momqa7FbQ1zT1lnVvive641Q5uA==

GET
H2 200 a8902811ecc27400a803.js Show response
dashboard.sezzle.com/customer/ 227 KB
65 KB 179ms
167ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a8902811ecc27400a803.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

c9ab4826c6e425e81f3f1608d04fe49b75188feddb511d72e87020699e4f12c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: HifPJfxvo7JJHmFytKNgb926L.Pa5vRx
content-encoding: gzip
x-content-type-options: nosniff
age: 2919
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:08 GMT
server
etag: W/"2eaa0d1b1c1f0c3234c1e8d4b422e8c0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: l8Dfx2aGnAW5MRt09aSsj1nBZhEh6HRWzW4cYnl4kARLxcRP2Sl_rQ==

GET
H2 200 1f8138ca778f2fd181cc.js Show response
dashboard.sezzle.com/customer/ 11 KB
6 KB 183ms
171ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1f8138ca778f2fd181cc.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

1fa45cc1f95a1059d5238f3d9bb32f023cbe1c6cbca0cc353bf486aeba105d1a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 3a_2_qrowoTuX.otvYxEr65NrfSpr.dw
content-encoding: gzip
x-content-type-options: nosniff
age: 2919
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:57 GMT
server
etag: W/"e50e43c484d02977bd11af5868063e1f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Ncs_3pAJH20c0m0MMXqZUcl_FMevW8EVCKbCWwlEPY3UrxXAvIOcnw==

GET
H2 200 6c15bf60970921ac56b9.js Show response
dashboard.sezzle.com/customer/ 12 KB
6 KB 180ms
169ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/6c15bf60970921ac56b9.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

f7f48deea4e4a0fe941a1b91bcdf2b0609f227ec47b9a0488ebd004d3047c77d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 0cAHMFkxSCs35Yp_byg849cnoBAyJYz4
content-encoding: gzip
x-content-type-options: nosniff
age: 2919
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:04 GMT
server
etag: W/"04d9700e4c159b55d1696d81679cf4e9"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 5xxLB-s1l0b_3lWINJXoJOGzS_drlGCQKVMnsDCBASsYjMue99jm2w==

GET
H2 200 b3eff76bb76b10b94cf1.js Show response
dashboard.sezzle.com/customer/ 12 KB
6 KB 179ms
168ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b3eff76bb76b10b94cf1.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

3672428c5033cdd24029908c8e8637854ee76a89c83a03c569e432f1010aaaab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: BNji8Wo2HZUi_5jr2wre6MrNvLaukyc.
content-encoding: gzip
x-content-type-options: nosniff
age: 2919
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:08 GMT
server
etag: W/"56e2d54d97415bf3877afa3e4aae5a38"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: MG8sWuLqfOSe1DHC5Rb-T-zta9BiG89KoaILG24uLPrHX-qxpZ0m9g==

GET
H2 200 09c4e377ea47f3436f34.js Show response
dashboard.sezzle.com/customer/ 30 KB
14 KB 183ms
171ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/09c4e377ea47f3436f34.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

c899bf1fc4c5be83bfa84d8bc8dc406e3b0a74e2e1c445922527c6436803318b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 3uvRVrYd.yMnV0TZ.gpcADwalzz1AHN_
content-encoding: gzip
x-content-type-options: nosniff
age: 2919
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:55 GMT
server
etag: W/"6ea9c2dc304e92c896b78b06fb78e3bb"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: um6-xl0KYi3uN6KwGXQ86477hmhlut0-SqSvC9qC5E1JxY6_V-PN_g==

GET
H2 200 1f7b192320c3b03894c8.js Show response
dashboard.sezzle.com/customer/ 187 KB
52 KB 133ms
122ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/1f7b192320c3b03894c8.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

bea9271b88bc185ffb9cae6b1b26fbec8d2da3bfc9515dc3ce652a3d38a72304

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 2CY9lTR7Oy0wugmchwmbWtqkGywRrKMF
content-encoding: gzip
x-content-type-options: nosniff
age: 2919
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:57 GMT
server
etag: W/"148cc589cebdd084de1db7b59cad8fa2"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: m2HYT5gUdC9ZQNBxeZF65DzNodwkRli-1F0UK9Y78g3z9oTeRR9awg==

GET
H2 200 f0bbbcbef98f212fdab2.js Show response
dashboard.sezzle.com/customer/ 75 KB
26 KB 132ms
120ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/f0bbbcbef98f212fdab2.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

fa731600f228489feceeea027f3383c8cec913b3d87dfe82b1d7d51cdfe4c7a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 7HYBOqVI9DFHfcmZT.V2Mgp6ahQmd6F9
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:10 GMT
server
etag: W/"08de9087acc4713ea8c1ea739d29e97f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 7hODQFs8tPgMieX3hix9OuXTu4S65yNaGKCj9gp2Wt3ZsJHM01pPwQ==

GET
H2 200 78a5aaebb1b8624150d5.js Show response
dashboard.sezzle.com/customer/ 74 KB
25 KB 185ms
174ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/78a5aaebb1b8624150d5.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

7447c7e9d16fab9d4b2221a9260ecfca79767bb30610ae93c5b71eacfcb4129d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: WldHU35TayyzmQGsp0cxGO3bgHibrIwV
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:05 GMT
server
etag: W/"37a60382059e7d4670ea0714fc706166"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: jLtaC8EIheImGNuE3aMdSN98DFL3h5Sc1FB1NsEW5rgrFfMjuUbbbA==

GET
H2 200 9ee163b10340002f3263.js Show response
dashboard.sezzle.com/customer/ 26 KB
10 KB 184ms
173ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9ee163b10340002f3263.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

63681b10110fc95a23ffc7d3fd4929211e0f0ea28c62be920d9c7e6d3a46e848

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: _JOyC5GfYaIuNbJzenbj4HX9HfxODfgn
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:07 GMT
server
etag: W/"eae25d578436dbbd59f2860462d0aea3"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: eUXDgDo1QwSgaU0fzKtUl1lp8S3uNsQ4h2j3ZuB9K8vMEKf3J4T59A==

GET
H2 200 7b1a7ae1404daba6144e.js Show response
dashboard.sezzle.com/customer/ 58 KB
18 KB 134ms
123ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7b1a7ae1404daba6144e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

bf416f865d8acfa473483bc09d259bab50ad852864b9c0da431ad40dcf49e7ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 5U10T5IohmZTxiNfRXlQXMR5nXmiAUL5
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:05 GMT
server
etag: W/"07248749316631e4ba939021dc4a2641"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: EtXmFlPS2uRmqug3h4M9kZ02jaYeJskSCpB12y6Wfhm0F1-3KqjMVg==

GET
H2 200 9da1bf17a9f84c3a5136.js Show response
dashboard.sezzle.com/customer/ 83 KB
26 KB 135ms
124ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9da1bf17a9f84c3a5136.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

5e0b3c1337547f46b0fb0e60e9e30ba2b029af2539840fe7ee90e9b4470b9060

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: z2yioLMeF_BG_7xsZ3KTHSqvxh0iJL40
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:07 GMT
server
etag: W/"be8d9b7a9dedd352df42deb3f2c0e654"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: T6Sk_-3x_hsH61ejBJlXgvbdvh56-MDyyYRcVldd1BgU3D4t4Ye16g==

GET
H2 200 7cd013fcbeb3bcee8088.js Show response
dashboard.sezzle.com/customer/ 44 KB
16 KB 154ms
144ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7cd013fcbeb3bcee8088.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

01d947313355bde055e756d110e9a21784fb847b4683032ae7abcf571eca3487

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: YrMtCsX9p4.tY4qGsQ4ydmj66XtluVqq
content-encoding: gzip
x-content-type-options: nosniff
age: 1877
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:57:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:05 GMT
server
etag: W/"0a722a384e1e2c1e250cd7b1269a66a8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: V_QmRr2JRlmqO1SioCkJiGrNEa7tbs84rtDw78PHb8qigH5vEHV0LA==

GET
H2 200 4bbaa92518171057b28e.js Show response
dashboard.sezzle.com/customer/ 94 KB
34 KB 141ms
130ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4bbaa92518171057b28e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

abb77bae58f4974530fa051380ec08241ecbb1cfe3e9d5c65386870b4914ff80

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: asybZTkZUFpXbJf_tiYVEGIly.SZ.9PN
content-encoding: gzip
x-content-type-options: nosniff
age: 2919
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:01 GMT
server
etag: W/"f7734ac53da8fbafa7a0bc6a3494fbeb"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 5UO9aekRynKkLJuv3mfexbX7qOwTu-clrISGQS49903WFu7tQ69xXA==

GET
H2 200 71f4ca62de724b4fa96f.js Show response
dashboard.sezzle.com/customer/ 22 KB
17 KB 185ms
175ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/71f4ca62de724b4fa96f.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

5f12f09e6d8fdcaf0d9e4e509547a8cf465161484613402aaaae4a82c2fe2ce7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 4MgzDklQmOi2Y0WOAvsi17s7WYcFih3Y
content-encoding: gzip
x-content-type-options: nosniff
age: 2919
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:04 GMT
server
etag: W/"9d9c162ba263e5eaf8ad53ec1fe41a5d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: q7iKZFUsMfSL2dLHLzCL9-GbBDu2RwNTjFF870hh_irGxyxF7G_1pQ==

GET
H2 200 7bb527f910082f2c5a43.js Show response
dashboard.sezzle.com/customer/ 106 KB
55 KB 140ms
129ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7bb527f910082f2c5a43.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

3a09af7a73a0fed67ca0f5d4148f9da550c6ecdd4d3eac3fa146d67ff5df66d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: F8TUlGnAUNz35FwVF8ewR2yHdLPu5VdG
content-encoding: gzip
x-content-type-options: nosniff
age: 2919
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:05 GMT
server
etag: W/"c22009910762151f9deec369c0def500"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Cz3aHcRGJREJGn1dWAvQ8Zv28PzMM5E4lkzxCElq4jKPmopq96YW2w==

GET
H2 200 f218f8e324c49121a5ee.js Show response
dashboard.sezzle.com/customer/ 108 KB
27 KB 187ms
177ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/f218f8e324c49121a5ee.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

805cc4d6f62da45301cd673375fb6687c06c929984590b2c3c52c7f4b3b6c89a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: l9mnIl6CWkyO.JFP5tEtUaxYb2wz548h
content-encoding: gzip
x-content-type-options: nosniff
age: 2918
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:10 GMT
server
etag: W/"31ae8af4905fd0558c0639ca63800000"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ospg7xhIZtbvWzULGmGLAzYpGtNC7YBpe0BPljJtV9mnCQtaJQSc-A==

GET
H2 200 74e6ea0fa586051c22b4.js Show response
dashboard.sezzle.com/customer/ 43 KB
12 KB 186ms
176ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/74e6ea0fa586051c22b4.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

a333d8ac6e13a20b33aedc9b6ccb912e0b8e74de68099e17246fc8b0d22a142e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 8sJBSkqPjidKimAMQB6jRSWjs0nKVd4C
content-encoding: gzip
x-content-type-options: nosniff
age: 2918
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:04 GMT
server
etag: W/"bc2a714eb7d8103bf39fe9d8918604bf"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: aFjRNF-GfJP0BEqYFilqmgEpeiAzPyo423bgvoPdewJow0gfX6qpbQ==

GET
H2 200 56c491a7206843e01e37.js Show response
dashboard.sezzle.com/customer/ 139 KB
31 KB 136ms
126ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/56c491a7206843e01e37.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

a81d8b0ed1bd6f2cf4bf436baa4949c0e6ca2872ca0bcd8de987af1fd153b976

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: l4GPYhlgkLJMMsL.Xb4gr0UR6j9CG4c0
content-encoding: gzip
x-content-type-options: nosniff
age: 2918
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:02 GMT
server
etag: W/"918813208325a4ea43c4edbd1667520b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: afz2YL6Sd5Wy4Nz7zwSi1pCg4lKcwb-ZPNWiL-eRWEEhzfqLCzx_1w==

GET
H2 200 2e9b9267e7ca4d867a28.js Show response
dashboard.sezzle.com/customer/ 85 KB
18 KB 186ms
177ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/2e9b9267e7ca4d867a28.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

54bcaab738f12bc64efbb3682017dcf157343ab550db304002880d57fe8ad760

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: w2X8_M0YvmcwkhL1xldzzRJRbtmK2C31
content-encoding: gzip
x-content-type-options: nosniff
age: 2918
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:59 GMT
server
etag: W/"27e3638aa290198686ca38cf762c4828"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: IX4s4fi_Yz64smRfImMrwQZoXi2lGOhJ5Ykibr61MWDR0lUJnwmo1A==

GET
H2 200 4dd4c03f1eefd3c2dbea.js Show response
dashboard.sezzle.com/customer/ 18 KB
7 KB 188ms
178ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4dd4c03f1eefd3c2dbea.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

2d3ea739e10e1df54f7c4088baad87521523a47cd4138dcaa0094c3e39487c45

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: tZp7dLyAuYBoRcmD_GLX4_DeWO89FJox
content-encoding: gzip
x-content-type-options: nosniff
age: 2918
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:01 GMT
server
etag: W/"d65247384b76d8f1c749ef6b030fb723"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: GIZnszt3AvFLeusv-RfILiZKLNaZJAlIDG45c5wglhGEIPmg-x_jeQ==

GET
H2 200 fe0f40e3ee4c11a23bd6.js Show response
dashboard.sezzle.com/customer/ 5 KB
4 KB 189ms
179ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/fe0f40e3ee4c11a23bd6.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

fc77a3f2e123aa4efb360f2ec4b75caabb31c58c5a14fb7a59b994d3b17989f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: fA8ZKIkqCzU1FASaoH7iOFYpaTGo0YNb
content-encoding: gzip
x-content-type-options: nosniff
age: 2918
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:11 GMT
server
etag: W/"70019b4fe2da71a52ee3072a4c8d9808"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: SbMn9F7YChOn7ahjstEHRc8dYBj0XhRSCGGaxf_u_yUvDVmt8mBJGQ==

GET
H2 200 94c464aaf61d1f0bab63.js Show response
dashboard.sezzle.com/customer/ 14 KB
6 KB 198ms
189ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/94c464aaf61d1f0bab63.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

299a87a8277c1ce916155d0e217027fc523eab2384b588592ce9376e9dee2006

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: VAnefXyUuSWXFupJjPAxniwlrhFBQDyY
content-encoding: gzip
x-content-type-options: nosniff
age: 2918
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:06 GMT
server
etag: W/"e03f9550135d4ff322230804198596bf"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: sOrtK7aFNlQBAWsrs1klCtIjpgZjI1fBaozBIGWJ8HwsF1oqofkSSw==

GET
H2 200 58f8214009a8118ebf14.js Show response
dashboard.sezzle.com/customer/ 94 KB
22 KB 190ms
181ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/58f8214009a8118ebf14.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

7f133b4d841dff6b2dad6f38d57a9dd5c570b772812c32d1f0599946b02ffef0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: bd62Mh8Xms6vjqeS_mLHBB8CwAuoCX1E
content-encoding: gzip
x-content-type-options: nosniff
age: 2918
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:02 GMT
server
etag: W/"04138df43522fcddd776b30512fae2c8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: mITOmS8uWItot6s3wrH-t1EkQt9L6-p_LIzdtSUQt-G3XxPCWwE-Rg==

GET
H2 200 0b887b8b8a6e80682602.js Show response
dashboard.sezzle.com/customer/ 104 KB
23 KB 155ms
146ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/0b887b8b8a6e80682602.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

ac317bf8496a4d232247958a1be73e38318d06c580c0e53cfce3163cce75712d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: LceblY.EMTbZRgebjnjv62B1eq8RLMR6
content-encoding: gzip
x-content-type-options: nosniff
age: 2918
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:53:55 GMT
server
etag: W/"c77164550fdce423f3d3b65a0f48a040"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: wxx2-xqY-yrQYfiIZXES3YeXpuWSzqyVUVARjzFs_n2knmzOIZQfJw==

GET
H2 200 fd7e32b060d3ef38e1a0.js Show response
dashboard.sezzle.com/customer/ 60 KB
15 KB 188ms
179ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/fd7e32b060d3ef38e1a0.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

a917a00626af95050f6ab8b93382d16e60d0346830e38c1e03e7add6383c3a75

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 9uzXz3_g8sNVYU3YDyoqDJgFRZ70oNIL
content-encoding: gzip
x-content-type-options: nosniff
age: 2918
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:11 GMT
server
etag: W/"fca3a8d3083a0f8eb9ecac124b319fd2"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 7KOB_FOlRSK8z2bMpL3evrVYL0IOc2Xj2IfsYra-b-86ZxHunPiyGg==

GET
H2 200 5008cd2c94ff6f78911a.js Show response
dashboard.sezzle.com/customer/ 89 KB
18 KB 190ms
181ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5008cd2c94ff6f78911a.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

c910f3dcaf1b3fc20a9b6c11ebe877778fbdb6b2aa7e537aa1e8e5fe034e803f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: .kwo7ixlTYk8uBaQqrwHdZzpmWIhFQXE
content-encoding: gzip
x-content-type-options: nosniff
age: 2918
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:02 GMT
server
etag: W/"0cd21453b0937b3dd506c9543710de63"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 4J-IyvUySuZmAtS2YvdfC-yDjkAVDeWkOygmbdfxjyDSi680BgjGpw==

GET
H2 200 8d42790f99d939480f91.js Show response
dashboard.sezzle.com/customer/ 122 KB
26 KB 190ms
182ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/8d42790f99d939480f91.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

4b08278581fa84850654186f4a5d37f9b296cf21f1917c90c6d1597110cc0a00

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 0Fv0ko94lCjFTWuEVw0Bxf8wEBsChfV_
content-encoding: gzip
x-content-type-options: nosniff
age: 2918
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:06 GMT
server
etag: W/"86afbbd82e281677e5378f50dfe8e303"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: XYTPcivGTuvWkPMkza1enRjGK7DcEubBnqqC5fD9b9kb1oqt2wP7mw==

GET
H2 200 e456cdd0215b3100fb2e.js Show response
dashboard.sezzle.com/customer/ 25 KB
8 KB 137ms
129ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e456cdd0215b3100fb2e.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

91350c99c9ce838d8890004fcde546ebbce0f0003dcaf2b9428e7b257b8f16b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: ijWNTS_VHYsJZAWsAb_7yEJ.ok_dfRmZ
content-encoding: gzip
x-content-type-options: nosniff
age: 2917
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:10 GMT
server
etag: W/"9557e7e9433f3b3fde994b45d6dfe92e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: URFBVtcpLfX54gLqrcB3Fet-Qnq96cDFaen_dskCzH5IG1U4VnS75A==

GET
H2 200 cf6b7dd4bbf6045f1967.js Show response
dashboard.sezzle.com/customer/ 28 KB
7 KB 153ms
145ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/cf6b7dd4bbf6045f1967.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

10c2be6f77a3fa71ca4e42f8066abfe1c4d47e8ca801205f0bb3a186e593013d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: n8AYap2RqN3XRyWvPp0TJ5yt8A80o4tR
content-encoding: gzip
x-content-type-options: nosniff
age: 630
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 19:29:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:09 GMT
server
etag: W/"232ce4703c1d29faf8e4e0845f5ec413"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Hbdw1ymciNWnayQtrCjSDCK3lDFltSIwF-lu3mPudEtc9j28yRfjzA==

GET
H2 200 7c1e761f447d08b40a60.js Show response
dashboard.sezzle.com/customer/ 45 KB
11 KB 152ms
144ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/7c1e761f447d08b40a60.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

266316616704a66ea066029591c7ca4e67f8ff75f8ac04d3694376710a14e50f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: lLmbEXQYMleRaHW8sFnPO2pDoGvZGn37
content-encoding: gzip
x-content-type-options: nosniff
age: 2917
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:05 GMT
server
etag: W/"e6df3e1348fa9b807bdaecc93fbed50e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: sk9T8c_ZH1yO6T5FuAqTo6Con43Zw_4ozo-y2p0Ul5Tz_dh0XnXQeQ==

GET
H2 200 e31088ea63554bc93e1c.js Show response
dashboard.sezzle.com/customer/ 113 KB
26 KB 192ms
184ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/e31088ea63554bc93e1c.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

64a6354874e6e524ca1f04b74f93c549db39e0affee8cbebbfa2741f8f8cc689

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 1.Etw6H8mlivzesm.cYQOSyGKj4q8Z5Z
content-encoding: gzip
x-content-type-options: nosniff
age: 2916
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:10 GMT
server
etag: W/"d26ac2d5eee2346e7ffeb7e0f8f95f25"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 1uT-WwKaBMLXbyGpTi31TErySi5n0T7AFC0Zn5bfvvKMvmdhgjCZlQ==

GET
H2 200 a40a81fae3dd1c871e9c.js Show response
dashboard.sezzle.com/customer/ 10 KB
5 KB 150ms
142ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a40a81fae3dd1c871e9c.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

0b335749a1e0a6e2c844a0989b3aaee5d721aea660e4cfd10b24695cc072443a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: Mh.PdK5ohn0wh5y55zxGMbo947VGUbQf
content-encoding: gzip
x-content-type-options: nosniff
age: 2917
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:07 GMT
server
etag: W/"a21edf07e65c81a03477e621444c4af7"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: IKZ0ft42fbosn967Bdr2ZdZUwIYTPk0YG8ye0Az2HWxMkvGGRxnwRA==

GET
H2 200 676ea86fe2ead3a4a0cf.js Show response
dashboard.sezzle.com/customer/ 9 KB
5 KB 190ms
183ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/676ea86fe2ead3a4a0cf.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

1772ba0ab7e49ed2f43c7b7edb75b8132ab494773480d9f9efceb5701487b61e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: CJFe1o3j8w172FUhaIJhxIk6n1FzNGnn
content-encoding: gzip
x-content-type-options: nosniff
age: 2916
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:03 GMT
server
etag: W/"9ae810b33fd712cad80450cb8c9620c6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: HCVnkKzeSxyL-ZDTXQd12zPohrHakVCM0TQe2qk4vJfFT4HocoedUA==

GET
H2 200 91cbc3ee46d391c00919.js Show response
dashboard.sezzle.com/customer/ 87 KB
22 KB 197ms
189ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/91cbc3ee46d391c00919.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

38a45f0ea9c762e1d320d0c82aac79d3003e25f1433b4f6582aff94c5c8862fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: wL5zV5nrYW7jH9OeUsHPMQw.rhbJGBeQ
content-encoding: gzip
x-content-type-options: nosniff
age: 2917
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:06 GMT
server
etag: W/"29c0cdb180709cb5487639233cfffa5d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: hzybuRIfAduSEukC2F_rqYG9_eJK3Xib3l5_l4jbp3U5Stl1tema6g==

GET
H2 200 b98243c2e1819fa60573.js Show response
dashboard.sezzle.com/customer/ 15 KB
6 KB 192ms
185ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/b98243c2e1819fa60573.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

0eb370e2ba65eeb0cb70f476da9ad423328cbdf9578d7ae1ed5ab90861550c98

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: wQIhAz5j2ZrgNpYmGCLz.WdLrC0NY3Xz
content-encoding: gzip
x-content-type-options: nosniff
age: 2917
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:08 GMT
server
etag: W/"68ad2c89d7d1d1a78347509356c48a63"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: RTSUcjq56dQt2UO8tAVoAzJcaHcUydm3SZyXrq96sOIllzniQGVzOw==

GET
H2 200 3d2f0d04fb7e8a0e169c.js Show response
dashboard.sezzle.com/customer/ 33 KB
11 KB 140ms
132ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/3d2f0d04fb7e8a0e169c.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

f2de4122efe112141dfbd6c764c7e3b0d5941c57e9e30c3db5b464a16e2a4c74

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: KszB0MEJiJ9Qe8untOAbSvaB0hn254WZ
content-encoding: gzip
x-content-type-options: nosniff
age: 2916
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:00 GMT
server
etag: W/"07a9360341172667917ede27a31fb630"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 2G-DqiVGhdl-BKXCzIagc6kts3qgdQAjYeJl7vQCbebSQiOevfXXXg==

GET
H2 200 4a642ee6463fcd85273b.js Show response
dashboard.sezzle.com/customer/ 214 KB
46 KB 190ms
183ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/4a642ee6463fcd85273b.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

31eebbe9a7f787bd7d0f2f86a9339150d8a6d101569aa3a03f777495020e8800

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: BeGxbXD5xTevhbGYaG8eK8KPb3jotQLL
content-encoding: gzip
x-content-type-options: nosniff
age: 2917
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:01 GMT
server
etag: W/"ee79a02e998076f4c5ad8a0f1c60a481"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: g3Q7rcOC9ND2GURzm8Ugx0Bc5KbvafGvir5sHPY54Q-o8D7JimZEhg==

GET
H2 200 acfe63f958747fb95948.js Show response
dashboard.sezzle.com/customer/ 125 KB
28 KB 138ms
131ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/acfe63f958747fb95948.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

e0da09ee26efd6fe00a8ed0e458d12ed13f2a2ebb132828f5b89edd05e17bdb5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: QsRBiDkny4Sr2BpUzv9Tn98jpZdPabBd
content-encoding: gzip
x-content-type-options: nosniff
age: 2916
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:08 GMT
server
etag: W/"e4b7f0447ba5a9a8c6d29952dedccdb4"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: oPfha7GeKtgvUufUU7excRogc_YkVMDrLKgM165IiNrFU3sxCGD2HQ==

GET
H2 200 9d99e9a0fb4fc6179e16.js Show response
dashboard.sezzle.com/customer/ 241 KB
52 KB 150ms
143ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/9d99e9a0fb4fc6179e16.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

5d8634da3d64179d9f4ea0f5539304c12263acdc8c3a914d7d1a51b42c3caf68

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 1x2FncnGCoHJKOnZP3QPKtHqgyvda9Dy
content-encoding: gzip
x-content-type-options: nosniff
age: 2916
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:07 GMT
server
etag: W/"c06919bd6f7c362fff3180aac80eae68"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: lp6ZxMEU-63mJ2sFTv3j1Wk776-BwRbCGSFUUGNUDNcAjKvNwdP0ig==

GET
H2 200 5fc75fa6cfa5e35a1828.js Show response
dashboard.sezzle.com/customer/ 130 KB
29 KB 140ms
133ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5fc75fa6cfa5e35a1828.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

c9c03bccb34d6e726a28626f2ca18db67e3ca92efdf940f598a6c48fc5eee7e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: fHZ_y1HAJdWN_RXS0DR5Ulqiaycc.j3i
content-encoding: gzip
x-content-type-options: nosniff
age: 2916
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:03 GMT
server
etag: W/"d096d038bb351e8227c1c4cd728d0044"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: VjzjHzHoykSxu8l8ymE7DYJn2UjPJIO8s4akxi1LuWBwMgNPhdAyfw==

GET
H2 200 ff4ef67634c6dabce17b.js Show response
dashboard.sezzle.com/customer/ 128 KB
29 KB 148ms
141ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/ff4ef67634c6dabce17b.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

af9704e7822702d3e0bf38f16c54be0e613b36b2e8c1aa59616c2c3896fa27a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: xFeuk43zhoanCW3Y.cmPJ1K_76r8bRZy
content-encoding: gzip
x-content-type-options: nosniff
age: 2916
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:11 GMT
server
etag: W/"0db24f6f08e4d7f1bac426ac9bcfdc5d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 9USbwOiaaDP9dzOJjiByUdPweg0RVcK-xtwi5TwpzjXLuqNnC9ZpEQ==

GET
H2 200 d1e5d8374af1b4214e29.js Show response
dashboard.sezzle.com/customer/ 124 KB
27 KB 192ms
185ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/d1e5d8374af1b4214e29.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

c6689605c72a2e32bad99cf2eb278c6fcabdeb91e8d2c7c52f4181a07a4cf35c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: b38I.frXZTZhL9UxCKbBV35bcC1LRaPC
content-encoding: gzip
x-content-type-options: nosniff
age: 2916
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:09 GMT
server
etag: W/"d3ae3d5c2869a203faff20d85369b19a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 5ZBZJG0hf-WanmJWmgd1M0fUiP6h_JLRgBzMOUn03hwFrmXJZO3DbA==

GET
H2 200 5580a63e4197a196a5c3.js Show response
dashboard.sezzle.com/customer/ 128 KB
28 KB 197ms
190ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/5580a63e4197a196a5c3.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

741fab88f75482f0c773f850e7bf60fed803b51158368bcf192269267abd355a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: qxsim0_P40QrtoSZOmemUvshDdVjG3yW
content-encoding: gzip
x-content-type-options: nosniff
age: 2916
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:02 GMT
server
etag: W/"2e45d30fb01a0e3d99f94c6ec16dd6ac"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: I2hIEbuGPCgU6XdT6LCDQ0Y01jROK51eJyDqHUeSkbCTDkUzSGfeZQ==

GET
H2 200 a865f1dd63eccf1c0ede.js Show response
dashboard.sezzle.com/customer/ 17 KB
8 KB 198ms
191ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/a865f1dd63eccf1c0ede.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

fba24e79f1255f365b46b70837e9201e45f045c3c5509bfc24240326820a1366

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: kFVcLdUhjK2p6fqFQd4zDw6FzZvG9qb7
content-encoding: gzip
x-content-type-options: nosniff
age: 2916
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 18:40:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:08 GMT
server
etag: W/"95aa1804f4495df5b2d478f16dff838c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: DwuS8IgfhhqxonTRdY6tMm14RmS40-6LjXhHd1R2LdyXUy7iEUoPLw==

GET
H2 200 521a9bc1a9f66ccb5cbe.js Show response
dashboard.sezzle.com/customer/ 87 KB
38 KB 193ms
186ms Script
application/javascript 13.224.189.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.sezzle.com/customer/521a9bc1a9f66ccb5cbe.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-106.fra2.r.cloudfront.net

Software

Resource Hash

dd99c7f69185bd71c099066d43bf9a955fead8d03984e02359bb17f3562230e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: KGyTvadmiF.pl40tUe4smg271clP2M6y
content-encoding: gzip
x-content-type-options: nosniff
age: 629
x-cache: Hit from cloudfront
date: Wed, 13 Jul 2022 19:29:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 08 Jul 2022 21:54:02 GMT
server
etag: W/"b04b8ef63995661f6870b3376775a2fd"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
content-security-policy: default-src 'self' *.sezzle.com *.plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com *.fullstory.com *.googletagmanager.com stripe.com *.stripe.com *.google.com *.zdassets.com *.fontawesome.com *.sentry-cdn.com *.facebook.net *.ads-twitter.com *.licdn.com *.google-analytics.com *.twitter.com *.sezzle.com *.plaid.com *.gstatic.com *.mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net *.fontawesome.com *.googleapis.com https://*.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com *.zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net *.google-analytics.com *.googletagmanager.com google.com *.google.com lipis.github.io *.facebook.com *.doubleclick.net *.mathtag.com *.amazonaws.com data: blob:; font-src 'self' *.fontawesome.com https://*.typekit.net *.gstatic.com data: blob:; connect-src 'self' *.sezzle.com *.google-analytics.com *.googleapis.com *.doubleclick.net *.zdassets.com sentry.io *.sentry.io *.zendesk.com *.fullstory.com *.fontawesome.com https://sdk.iad-06.braze.com https://*.zopim.com wss://*.zopim.com blob: data:; frame-src 'self' *.sezzle.com *.plaid.com *.google.com *.stripe.com *.mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' *.sezzle.com; prefetch-src 'self' *.sezzle.com *.plaid.com; frame-ancestors 'self' *.sezzle.com *.target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud *.gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://*.sandbox.us01.dx.commercecloud.salesforce.com *.travel.win travel.win reservewithrex.com *.reservewithrex.com driveshack.com *.driveshack.com puttery.com *.puttery.com *.auruspay.com *.aurusepay.com stripe.com *.stripe.com *.bestbuy.com bestbuy.com *.dollargeneral.com;
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: xOjgoDGDDhNpZAYIHa100oyuZdWrUstBEgKTWM1TOv2JRT_nPibDgw==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 25 KB
7 KB 76ms
24ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c87bcfd99d702dcd06a7050cc19fd5ccb9df144517fc93011665f29fc59c4e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:02 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: TJ8K3NFXNTYZV720
x-amz-id-2: bPgxtbF8rB+PPozTg1+MzsaG0imcbm3WNH9yc1+JpjUZKHz9f9m98lwmWdlbpbz885aNgzf1vAI=
last-modified: Fri, 17 Jun 2022 01:45:03 GMT
server: cloudflare
etag: W/"849867326d4153b0b5f2aab8a1b9a9e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGAYlZTJRnDK7QZcbjo0S%2BXMwMeoKtL0PkwGSLAoNriklI4n4pIpXYDdpn4vIaSf31gZTbgIsmvYwx%2FMN%2Bwi3%2BLOzvRmW%2Be%2FZ0bWperb7vJBqdh3B2OZyPUGStPP6159WMGAUpo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: P0tK62QxqzzCuI1Y7b5gLbbNEDqycYfA
cf-ray: 72a46cd55bb49a41-FRA

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 131ms
46ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Comfortaa:wght@400;700&family=Nunito:wght@400;700&family=Roboto:wght@400;700&display=swap

Requested by

Host: media.sezzle.com
URL: https://media.sezzle.com/style-guide/css/sezzle-global-4.1.9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

370b249474328d7657de3b80acbe154049acfaee5b738fb5786dfe399ebbcd55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://media.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 19:29:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 13 Jul 2022 19:29:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Jul 2022 19:29:02 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 265 KB
82 KB 156ms
66ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

246dffcc6f948d6f7dba15fe52e7fb21e52fa622be7f5052aa7759563487b667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83041
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Jul 2022 19:29:02 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 57ms
6ms Stylesheet
text/css 2a02:26f0:f7::5c7b:e0e0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=dji1nuv&ht=tk&f=22797&a=84259179&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/dji1nuv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e0e0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:02 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 315 KB
53 KB 63ms
27ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=32f48e933a
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/32f48e933a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 11578000
etag: "610ae215-d3b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 72a46cd549d69113-FRA
content-length: 54194

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 79ms
42ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=32f48e933a
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/32f48e933a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 11680587
etag: "610ae215-1062"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 72a46cd549d99113-FRA
content-length: 4194

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v5.15.4/css/ 27 KB
3 KB 78ms
41ms Fetch
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=32f48e933a
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/32f48e933a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 372740
etag: "610ae215-a2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 72a46cd549da9113-FRA
content-length: 2603

GET
H2 200 f5e28690-e3b9-4eab-8d64-51d4051e7e96 Show response
ekr.zendesk.com/compose/ 430 B
1 KB 254ms
195ms XHR
application/json 162.159.128.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zendesk.com/compose/f5e28690-e3b9-4eab-8d64-51d4051e7e96

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

162.159.128.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15cb59031be4f1fb4d69d3f507d8c22b23f12f54b3031411b17ca071c5e55fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cf-ray: 72a46cd5fc329b31-FRA
status: 200 OK
x-envoy-upstream-service-time: 4
access-control-allow-methods: GET, POST, OPTIONS
vary: Origin, Accept-Encoding
x-zendesk-zorg: yes
x-request-id: 25f6fd55dd597e8abf30dc20c8ae61ee, 25f6fd55dd597e8abf30dc20c8ae61ee
x-runtime: 0.003204
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"15cb59031be4f1fb4d69d3f507d8c22b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgPWjBePXHCTIhi3yhj4e5ZOdzbmmCevUp3ZkJdgoMw%2FHJwzbS6SC8Hfxzkt7n88y7iasE4xjqLdcZihVs9gYx21ktXrrG4VMGxbQkIunKjwK%2BuXFe7xCbpZ%2BGqbVQtmrw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type: application/json; charset=utf-8
access-control-expose-headers

OPTIONS
H2 200 create-session
api.sezzle.com/v1/event/ Frame 0
0 532ms
170ms Preflight 34.214.61.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-session

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.214.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-61-66.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Authorization, Content-Type, Access-Control-Allow-Credentials, X-SezzleInc-Client, *
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-length: 0
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
date: Wed, 13 Jul 2022 19:29:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

OPTIONS
H2 200 supported-countries
api.sezzle.com/v3/users/ Frame 0
0 398ms
172ms Preflight 34.214.61.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v3/users/supported-countries

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.214.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-61-66.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: x-sezzleinc-auth-resource,x-sezzleinc-fp,x-sezzleinc-trk-id
Access-Control-Request-Method: GET
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Host, Cookie, Set-Cookie, Accept, Origin, Authorization, Content-Type, X-SezzleInc-OTP, X-Pin-Reset-Token, X-NPS-Token, X-SezzleInc-Refresh-Token, Access-Control-Allow-Credentials, Set-Cookie, X-SezzleInc-FP, CheckoutUUID, Cache-Control, X-SezzleInc-Checkout-UUID, X-SezzleInc-Auth-Resource, X-SezzleInc-Trk-ID, X-SezzleInc-Client, X-SezzleInc-Mode, X-SezzleInc-Device-Info, X-SezzleInc-Flags, sentry-trace, baggage, *
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-length: 0
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
date: Wed, 13 Jul 2022 19:29:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

PUT
H2 204 create-session Show response
api.sezzle.com/v1/event/ 0
773 B 521ms
183ms XHR
text/plain 34.214.61.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-session

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/5b656516976b3db93b04.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.214.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-61-66.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
Content-Type: application/json

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-xss-protection: 1; mode=block;

HEAD
H2 204 version Show response
api.sezzle.com/v3/metrics/ 0
884 B 410ms
171ms XHR
text/plain 34.214.61.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v3/metrics/version?app=sezzle-customer-dashboard&version=1db7187e84d5ac43df59434cafb4576c4eb852c6

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/71f4ca62de724b4fa96f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.214.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-61-66.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials: true
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-xss-protection: 1; mode=block;

GET
H2 200 v3 Show response
js.stripe.com/ 317 KB
75 KB 66ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/4bbaa92518171057b28e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

28e03d95de1d6444e26efc6484735604a2b3018292b522809e8ecf7d67c0bac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 53
x-cache: HIT
content-length: 76256
etag: "0ed27c137ff2075b7e21e3fd0d55bef3"
x-request-id: a79190ba-febf-427e-b50a-fcf586ff3dac
x-served-by: cache-hhn4036-HHN
access-control-allow-origin: *
last-modified: Mon, 11 Jul 2022 22:30:55 GMT
server: Fastly
date: Wed, 13 Jul 2022 19:29:02 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9

POST
H2 200 / Show response
o215203.ingest.sentry.io/api/1367589/envelope/ 2 B
280 B 142ms
39ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o215203.ingest.sentry.io/api/1367589/envelope/?sentry_key=e246447fd006401c9579df5fec058052&sentry_version=7

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/c707bbbdb64dfaa3f851.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 13 Jul 2022 19:29:02 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 supported-countries Show response
api.sezzle.com/v3/users/ 484 B
1 KB 505ms
169ms XHR
application/json 34.214.61.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v3/users/supported-countries

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/c707bbbdb64dfaa3f851.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.214.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-61-66.us-west-2.compute.amazonaws.com

Software

Resource Hash

664b7437f0be6a1b81d05898e82d23ead604f9c0e6e55cdc12b62517d569bda5

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json
Referer: https://dashboard.sezzle.com/
X-SezzleInc-FP: undefined
accept-language: de-DE,de;q=0.9
X-SezzleInc-Auth-Resource: dashboard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-SezzleInc-Trk-ID

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials: true
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block;

GET
H3 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/ 345 B
257 B 124ms
77ms Fetch
application/json 2a00:1450:4014:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/webConfig

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/f01da759af908742b530.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58db900dd31e630f1cd80ff2bb7a0e31d93f6befe06f2d8c715078fafc316bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://dashboard.sezzle.com/
x-goog-api-key: AIzaSyAvS0AT-uFIXu8Wr3uYOZJNlKBL_Yb81N0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 234
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/ Frame 0
0 150ms
73ms Preflight
text/html 2a00:1450:4014:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:376775305716:web:35927998be844cb88431a1/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 13 Jul 2022 19:29:02 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
69 KB 58ms
57ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

265d9d48e62f691b091d38decd33bdd0a8735a795a2e53c28cf4f2ff75c19d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:02 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70867
x-xss-protection: 0
expires: Wed, 13 Jul 2022 19:29:02 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: GH2Rtieg2W7VPaN1kZFVm3reUM6mIVq0nFaD1Qk5kVzHWWMquFJ06FUVya2ak38K9DOOCr9dOGm4ky2NwZIAzQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 13 Jul 2022 19:29:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 103 KB
40 KB 134ms
48ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-PT4J8GM

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

faa31b4c1e091eb9ad03faba986aa6ef96af89a61c0dfbede260426690dff751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40534
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Jul 2022 19:29:02 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 55 KB
15 KB 101ms
6ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:02 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 16:20:35 GMT
etag: "f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15166
x-served-by: cache-iad-kjyo7100126-IAD, cache-hhn11557-HHN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 31ms
7ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 19:29:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=44731
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET bat.js
bat.bing.com/ 0
0

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 195 KB
69 KB 68ms
67ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-1MJLY6RLKW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69b41f55b1e7ef9d4a3f06d9578f7c48c7fffecec759348ba8512315d3cd7741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:02 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70922
x-xss-protection: 0
expires: Wed, 13 Jul 2022 19:29:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
69 KB 70ms
69ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1MJLY6RLKW

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f31ce377e43068f03f0619869467481ffaeb136e3f955aa583d7c0b749b6135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:02 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70785
x-xss-protection: 0
expires: Wed, 13 Jul 2022 19:29:02 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 48ms
18ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1564537&mt_adid=249070&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x14 config:1.0.0 /
Resource Hash: 472011ddcea684042db4e8e322d8a947158cac28b0fabe7c329609b66ec7ec59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 19:29:02 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x14 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1485
Expires: Wed, 13 Jul 2022 19:29:01 GMT

GET 6195602f264b7f0014449dea
ws.zoominfo.com/pixel/ 0
0

GET
H2 200 1PtCg8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMXL830efAesmwYSFoxBEP_I0.woff2
fonts.gstatic.com/s/comfortaa/v40/ 20 KB
21 KB 124ms
42ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/comfortaa/v40/1PtCg8LJRfWJmhDAuUsSQamb1W0lwk4S4WjMXL830efAesmwYSFoxBEP_I0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Comfortaa:wght@400;700&family=Nunito:wght@400;700&family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

858e97143a99eaf7b6c6495bdeb08aedfc73b5f8b39a7b3de047d4951190f891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dashboard.sezzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 17:18:28 GMT
x-content-type-options: nosniff
age: 7835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20596
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:18:28 GMT

GET
H2 200 web-widget-framework-e651106d52c621064518.js Show response
static.zdassets.com/web_widget/latest/ Frame 0F91 169 KB
56 KB 34ms
32ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-e651106d52c621064518.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f5e28690-e3b9-4eab-8d64-51d4051e7e96

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46c4375755f86089630a9d0013451ffa50d2977611a84937ca100bfcab6406dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577457
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 0BB9HNKC0EMSJRQQ
x-amz-id-2: G0KepavvznMp4b0cQi0JF2jY7mlGljhCgTpn5MMb/zEVAW227IpFiaqbkv2FKqlBX0F+6OD3g40=
last-modified: Wed, 06 Jul 2022 12:29:14 GMT
server: cloudflare
etag: W/"b1b4f81ed40b58d11f9f85d135f0d38b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UX3dXeTRQIrO3zcohEDgDJnTduzedOG%2FTaBSYO01ca5XlBr6dDON1i25wh%2BBRMml%2FWMEceQO42XBygsoHzwjxcCXXsZE2yExn%2Bpo6H2ryp9z1S9NhYvd0xsru3BjCtwHycsa6ok%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: OFeOaphvV0SMn8uKhoyBXq3dza92qz7t
cf-ray: 72a46cd9ab2a9a41-FRA
expires: Thu, 06 Jul 2023 12:29:12 GMT

GET
H3 200 355731011522150 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 346ms
335ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/355731011522150?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41805f96ffbdb4f7f2318e0593e225d1c3ae9520767f322bee225bbf339c2d2d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: AtTO3sR7NwtVC35sUJ00M1BM+bWjd25jqVu//DOjLGZvYC6CZzLfIQa3nrlKezfW2dqD6SSXXxaSZojQf35f1g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 13 Jul 2022 19:29:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1657740543325
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET collect
px.ads.linkedin.com/ 0
0

GET adsct
t.co/i/ 0
0

GET adsct
analytics.twitter.com/i/ 0
0

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
341 B 57ms
18ms Ping
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1MJLY6RLKW&cid=2127895446.1657740543&gtm=2oe7b0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-1MJLY6RLKW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 19:29:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 02BD 705 B
1 KB 21ms
21ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=156062cf-1cfe-4900-9298-6a1e6054b8ae&no_iframe=1&mt_adid=249070&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1564537&mt_adid=249070&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x31 config:1.0.0 /
Resource Hash: 0a02cb2d7190c4675ee2cb667418b06615b563bc0b541fa4964518f48e98dfd2

Request headers

Referer: https://dashboard.sezzle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 705
Content-Type: text/html
Date: Wed, 13 Jul 2022 19:29:03 GMT
Expires: Wed, 13 Jul 2022 19:29:02 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4475 c1dc35a master cdg-pixel-x31 config:1.0.0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
525 B 34ms
20ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x27 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 19:29:03 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 13 Jul 2022 19:29:02 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 109ms
36ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1386
date: Wed, 13 Jul 2022 19:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 13 Jul 2022 21:05:57 GMT

GET
H2 200 config Show response
sezzle.zendesk.com/embeddable/ Frame 0F91 1 KB
2 KB 248ms
202ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-e651106d52c621064518.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb9a7a913ff45ec40d0d1de3bc758d84bb01d68b6670721675dc2d9bd9e4750e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
x-envoy-decorator-operation: embeddable.embeddable.svc.cluster.local:80/*
vary: Origin, Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-765c4b944b-54r5p
x-envoy-upstream-service-time: 6
zendesk-api-version: 2022-01-01
access-control-allow-methods: GET
content-encoding: br
x-cached: MISS
x-request-id: 758dad6b8dffb4ea3f662d37a6556926
x-runtime: 0.001867
last-modified: Tue, 12 Jul 2022 22:14:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jObURSe%2B%2BrqVDNp%2B297eXBUW5lmkFAtn12sDRuz%2FMVjnAl%2BmksFgFay9vfesKSn0R9%2BPBviXv%2B3t8QOZ1LeNd3Dda714TcvkrIZWK6a64YgD2uql3oWpb1j3uebuh6wq8uIyaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 72a46cda7a0dbbb6-FRA

POST
H3 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/ 625 B
512 B 416ms
342ms Fetch
application/json 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/installations

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/f01da759af908742b530.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

243f9d779ad08be3c821c3298adcc3afe6e5fccb8b44074166ef40d10e50a2b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://dashboard.sezzle.com/
x-goog-api-key: AIzaSyAvS0AT-uFIXu8Wr3uYOZJNlKBL_Yb81N0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjcuMjUgZmlyZS1jb3JlLWVzbTIwMTcvMC43LjI1IGZpcmUtanMvIGZpcmUtaWlkLzAuNS45IGZpcmUtaWlkLWVzbTIwMTcvMC41LjkgZmlyZS1hbmFseXRpY3MvMC43LjkgZmlyZS1hbmFseXRpY3MtZXNtMjAxNy8wLjcuOSBmaXJlLWpzLWFsbC1hcHAvOS44LjIiLCJkYXRlcyI6WyIyMDIyLTA3LTEzIl19XX0
content-type: application/json

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 489
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/ Frame 0
0 143ms
45ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/sezzlemobile/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 13 Jul 2022 19:29:03 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 02BD 43 B
525 B 19ms
19ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=156062cf-1cfe-4900-9298-6a1e6054b8ae&no_iframe=1&mt_adid=249070&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master zrh-pixel-x26 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=156062cf-1cfe-4900-9298-6a1e6054b8ae&no_iframe=1&mt_adid=249070&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 19:29:03 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x26 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 13 Jul 2022 19:29:02 GMT

POST
H2 401 auth-status Show response
api.sezzle.com/v4/users/ 24 B
958 B 338ms
170ms XHR
application/json 34.214.61.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v4/users/auth-status

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/c707bbbdb64dfaa3f851.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.214.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-61-66.us-west-2.compute.amazonaws.com

Software

Resource Hash

d46df087d03f36f4057c47d5069d1cfb67714c66fd2582d84be7c549706e3af9

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-SezzleInc-Trk-ID: 6a52e5fe-855e-4ded-8638-f00e34ae9b2d
Content-Type: application/json
Accept: application/json
Referer: https://dashboard.sezzle.com/
X-SezzleInc-Device-Info: {"model":"","type":"","vendor":""}
X-SezzleInc-FP: c5c3d231aecb8a72e92e1eb6b8cbebf1
X-SezzleInc-Auth-Resource: dashboard

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: X-SezzleInc-OTP, X-SezzleInc-FP, X-Pin-Reset-Token, Set-Cookie, Cookie, Host, Content-Disposition, CheckoutUUID, *
access-control-allow-credentials: true
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 24
x-xss-protection: 1; mode=block;

OPTIONS
H2 200 auth-status
api.sezzle.com/v4/users/ Frame 0
0 174ms
174ms Preflight 34.214.61.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v4/users/auth-status

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.214.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-61-66.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-auth-resource,x-sezzleinc-device-info,x-sezzleinc-fp,x-sezzleinc-trk-id
Access-Control-Request-Method: POST
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Host, Cookie, Set-Cookie, Accept, Origin, Authorization, Content-Type, X-SezzleInc-OTP, X-Pin-Reset-Token, X-NPS-Token, X-SezzleInc-Refresh-Token, Access-Control-Allow-Credentials, Set-Cookie, X-SezzleInc-FP, CheckoutUUID, Cache-Control, X-SezzleInc-Checkout-UUID, X-SezzleInc-Auth-Resource, X-SezzleInc-Trk-ID, X-SezzleInc-Client, X-SezzleInc-Mode, X-SezzleInc-Device-Info, X-SezzleInc-Flags, sentry-trace, baggage, *
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-length: 0
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
date: Wed, 13 Jul 2022 19:29:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 170 KB
61 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

abd102f0705b25074ca8daaba3953839e08dfc372368174a3b8d3c97bc508960

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62545
x-xss-protection: 0
expires: Wed, 13 Jul 2022 19:29:03 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 43ms
43ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=137146823&t=pageview&_s=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin%3Futm_campaign%3Dtransactional%26utm_medium%3Dcheckout%26utm_source%3Dtransaction-email%26utm_content%3Dorder-completed%26utm_term%3D&dp=%2Fcustomer%2Flogin&ul=en-us&de=UTF-8&dt=Sezzle%20Customer%20Dashboard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAAC~&jid=187262540&gjid=1228684798&cid=2127895446.1657740543&tid=UA-72079130-32&_gid=891140036.1657740543&_r=1&gtm=2wg7b0MX2HJWM&z=501599139

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/c707bbbdb64dfaa3f851.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 19:29:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
350 B 103ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FB5QYFCQBC&gtm=2oe7b0&_p=137146823&_z=ccd.v9B&_fid=fZ3ijotQDZTd3wkEkM94KU&cid=2127895446.1657740543&ul=en-us&sr=1600x1200&_s=1&sid=1657740543&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin%3Futm_campaign%3Dtransactional%26utm_medium%3Dcheckout%26utm_source%3Dtransaction-email%26utm_content%3Dorder-completed%26utm_term%3D&dt=Sezzle%20Customer%20Dashboard&en=page_view&_fv=1&_ss=2&_ee=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB5QYFCQBC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 19:29:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 55ms
19ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-72079130-32&cid=2127895446.1657740543&jid=187262540&gjid=1228684798&_gid=891140036.1657740543&_u=YADAAEAAQAAAAC~&z=1559606333

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/c707bbbdb64dfaa3f851.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 13 Jul 2022 19:29:03 GMT
content-type: text/plain
access-control-allow-origin: https://dashboard.sezzle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 140ms
60ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-72079130-32&cid=2127895446.1657740543&jid=187262540&_u=YADAAEAAQAAAAC~&z=1898102217

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 19:29:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H2 200 web-widget-classic-7c2ace3.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 0F91 13 KB
4 KB 29ms
29ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-7c2ace3.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-e651106d52c621064518.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a24c81e86571512ea0c79ebdf51485e4968d43a29b9692b15038ec001416480

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577458
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 0BBFACXSGFC4BJF9
x-amz-id-2: 4obIvIk/JtQWZpHriGawXl81mgYC5eBYJJQOz/VywRqaPcFRjiDse4S0H3FuxfpONIhKcY7AJUc=
last-modified: Wed, 06 Jul 2022 12:29:30 GMT
server: cloudflare
etag: W/"aaa34435660f23e7e16f2de9a1ec7888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gJww%2Fnkj4LYdMxqtk3Uz3Hfm33qXF4ak%2Bieai6ez57f7lztjSDkGPdiAOeUjpUFerK93e6cVjtD7RdX7TThxThuDiz8DxNTItku80amWyrcN7ihF2FoHtJYePecFOYUqkXMjDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 1vDXVX4tEuaXEpk6M9SqlDYCNwbn5VR7
cf-ray: 72a46cdbbeb59a41-FRA
expires: Thu, 06 Jul 2023 12:29:29 GMT

GET
H2 200 web-widget-747-7c2ace3.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 0F91 645 KB
189 KB 48ms
48ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-747-7c2ace3.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-7c2ace3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b7bc2f983617c2e5281aa12c51be37ea896c74c79b840ca07efc458fe12e50d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577458
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 0BBAZXSQMWD7C1X3
x-amz-id-2: lCj68MlMSZpxSHLDZbh/sreHVb4/KpLFcwCJ2vRmSxjQeXOOmith2dbRuTcCniebWrBCgajRz80=
last-modified: Wed, 06 Jul 2022 12:29:30 GMT
server: cloudflare
etag: W/"58cf7c6c289b81f5f6440360c2263ddb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdV8p6AF2fR0to2VN7h1qitWgPZADX%2BTpFWC3Wzc2SpMMIHLltDZKZpGPffkPXEb6OMl3Qs2%2BdbtvJX19UGCgoy%2F3igO0xygh262FxP7wSSJn1qZitYARLQ3XTWyp82CqeH7iWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: M8evQ1mNKg3veiR6Jldmz2l6gOknSlH.
cf-ray: 72a46cdbff2b9a41-FRA
expires: Thu, 06 Jul 2023 12:29:29 GMT

GET
H2 200 web-widget-8961-7c2ace3.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 0F91 467 KB
105 KB 34ms
33ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-8961-7c2ace3.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-7c2ace3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43d6f58849e2ca27962efc6695fd774074ea2f01019d45b91dab71ec8b69286e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577458
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 0BB5A4RPQ5NFG4AC
x-amz-id-2: i+mUIUhKGgbO1yRGkReUZjQmbuGJ3XrijCExO1yDkCLe6z8QWEzhQsLkyAmISTJOjMEbsXXGgr4=
last-modified: Wed, 06 Jul 2022 12:29:30 GMT
server: cloudflare
etag: W/"2b12996c82e0b4cf5161fc0f19aa332d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8otTAyC9t9lniqbe7bykpAgrfa10x7Axm%2B9JVOaokEvTOdvFvNBYozKKwWZezuwuPj8dWczsIg%2BbGokhvNA%2FQ6nhWAXIkyJLSjouXoHdffUU7S66AzLmtO6LVGNIyK2vKt40Uv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: CJ3xpVEm4mmVWBoXRy3sMusBrq9jPc85
cf-ray: 72a46cdbff2f9a41-FRA
expires: Thu, 06 Jul 2023 12:29:29 GMT

GET
H3 200 805817303491823 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 230ms
230ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/805817303491823?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8fbea840649683638aa2b51ff23bb57f8acd9200ff44620f0091798b47025135

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 5UC+ZnHF/0sAxRZ0v6kafOKWQ/jiuUFqbkhG/jNT0h8X4nsykELdWCVi8tTVCYnh9jVqCNjXN094c6QpcC+HhA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 13 Jul 2022 19:29:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1657740543588
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 27ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=355731011522150&ev=PageView&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin%3Futm_campaign%3Dtransactional%26utm_medium%3Dcheckout%26utm_source%3Dtransaction-email%26utm_content%3Dorder-completed%26utm_term%3D&rl=&if=false&ts=1657740543362&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1657740543361.1942054458&it=1657740542982&coo=false&exp=u0&rqm=GET

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 13 Jul 2022 19:29:03 GMT

GET
H2 200 embeddable_blip Show response
sezzle.zendesk.com/ Frame 0F91 0
354 B 206ms
206ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAzLjAuNTA2MC41MyBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlfSwiYWN0aW9uIjoibG9jYWxlTWlzbWF0Y2giLCJjYXRlZ29yeSI6ImxvY2FsZSJ9LCJidWlkIjoiOTM4NDkxNDBhNTY3NGY4ZGJiZTJhOGQ1YTUzZmEyZjYiLCJzdWlkIjoiYjA2MTY1NDUxZDU5NDI0OWI5ZWViZmU0MzBlYmE0ODciLCJ2ZXJzaW9uIjoiN2MyYWNlMyIsInRpbWVzdGFtcCI6IjIwMjItMDctMTNUMTk6Mjk6MDMuNDkwWiIsInVybCI6Imh0dHBzOi8vZGFzaGJvYXJkLnNlenpsZS5jb20vY3VzdG9tZXIvbG9naW4%2FdXRtX2NhbXBhaWduPXRyYW5zYWN0aW9uYWwmdXRtX21lZGl1bT1jaGVja291dCZ1dG1fc291cmNlPXRyYW5zYWN0aW9uLWVtYWlsJnV0bV9jb250ZW50PW9yZGVyLWNvbXBsZXRlZCZ1dG1fdGVybT0ifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-e651106d52c621064518.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 0
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: 309b1ce6155fbf939d5b411d5a52e462
last-modified: Wed, 13 Jul 2022 19:29:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHkbpLHyEMhK9B6ysilojrE9KyIxojcshbVp1U8RuO%2Fuo6H0EzuXEK9XKdN0Yd41SQcEFHdAn%2FhOBWx9g228VtIya%2Bm76UzUGzWajGCCcC%2BuBKxqM4clJFAxZhlTG%2FwLO4JaBg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 72a46cdcdeadbbb6-FRA

GET
H2 200 embeddable_blip Show response
sezzle.zendesk.com/ Frame 0F91 0
288 B 198ms
198ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiYXV0aGVudGljYXRlIjp7ImhlbHBDZW50ZXIiOmZhbHNlLCJjaGF0Ijp0cnVlfSwiY29udGFjdE9wdGlvbnMiOnsiZW5hYmxlZCI6dHJ1ZX19fSwiYnVpZCI6IjkzODQ5MTQwYTU2NzRmOGRiYmUyYThkNWE1M2ZhMmY2Iiwic3VpZCI6ImIwNjE2NTQ1MWQ1OTQyNDliOWVlYmZlNDMwZWJhNDg3IiwidmVyc2lvbiI6IjdjMmFjZTMiLCJ0aW1lc3RhbXAiOiIyMDIyLTA3LTEzVDE5OjI5OjAzLjUwMFoiLCJ1cmwiOiJodHRwczovL2Rhc2hib2FyZC5zZXp6bGUuY29tL2N1c3RvbWVyL2xvZ2luP3V0bV9jYW1wYWlnbj10cmFuc2FjdGlvbmFsJnV0bV9tZWRpdW09Y2hlY2tvdXQmdXRtX3NvdXJjZT10cmFuc2FjdGlvbi1lbWFpbCZ1dG1fY29udGVudD1vcmRlci1jb21wbGV0ZWQmdXRtX3Rlcm09In0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-e651106d52c621064518.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 0
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: feb9d2faa9304ec38ad24af03602c40b
last-modified: Wed, 13 Jul 2022 19:29:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSOcGjJkZd%2Bx1WlxNn%2Facou79yKY7AS3uRQ7u%2FNp6x20XYeIaQflXV6dr%2FV0A84kGZUsHa7yb2tPcpj4Ao7lxb1YoKj25CtoWpdbAJ59ZjEsSS0hdB94tVb%2F%2FF%2FzssuVXnsVCA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 72a46cdceec0bbb6-FRA

GET
H2 200 de-de-json-7c2ace3.js Show response
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 0F91 27 KB
7 KB 25ms
25ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-7c2ace3.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-7c2ace3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577457
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 8XW4AQWYCXKR5V2Q
x-amz-id-2: q7s+rBAV3lw9NODMoZLfMcgzemLDi6kCBdSKio6DQSYX1tW54ymk176tjQrDPASfWhH8ZrJvYKg=
last-modified: Wed, 06 Jul 2022 12:29:31 GMT
server: cloudflare
etag: W/"dee0c6a89a545cab72e7f62ab96b94c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFjLcO7cEit0uoobwa5EDOxH3eQd8lHtaQGC2%2FRNTewNeVhoUNNZs%2FA%2BFk9YJ5JjvXoLDwbc%2FIqDP%2BLkdcgNCMTX4NPPBST87MMbSb8T6Ew7EAy5KDXz2HHyrmHUwXBgDKFyoEI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: nIMfT3a55nzH1TdVEwUofofFxfFxCf9D
cf-ray: 72a46cdce9219a41-FRA
expires: Thu, 06 Jul 2023 12:29:30 GMT

GET
H2 200 web-widget-chat-sdk-7c2ace3.js Show response
static.zdassets.com/web_widget/latest/classic/ Frame 0F91 202 KB
51 KB 28ms
27ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-7c2ace3.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-7c2ace3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577457
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 8XW9RDFEV42SQ4T7
x-amz-id-2: jSLs/YkMMEq9rNpDkKWgdprcU+vsYPz4xMJoqtBqJTN25jvY8qMq8Vcz/pXdyxVkeolploOlmQ4=
last-modified: Wed, 06 Jul 2022 12:29:30 GMT
server: cloudflare
etag: W/"865d0cd066636165cf7f35fb97a1d90d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3xPUEucZz4s%2BjVbC6CMm6Lw0nG8Va00wDaDZJhFl2GE5cqVxBEjTVnDjVG9ZRzj6znG4YDoWqVMqeBQCimzvRp7dHcBbFWYxE8jNdp7hUsocf2RMVRNmRqhhO0XZwIWuXOxupk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 91QDLxqOHE1vrgotTLuBG8DqKzS9fnjb
cf-ray: 72a46cdd29a29a41-FRA
expires: Thu, 06 Jul 2023 12:29:29 GMT

GET
H2 200 embeddable_blip
sezzle.zendesk.com/ Frame 0F91 0
0 209ms
209ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sezzle.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InRpbWUiOjgyLCJsb2FkVGltZSI6NTAuMjk5OTk5MjM3MDYwNTUsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJTZXp6bGUgQ3VzdG9tZXIgRGFzaGJvYXJkIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuNTMgU2FmYXJpLzUzNy4zNiIsImlzTW9iaWxlIjpmYWxzZSwiaXNSZXNwb25zaXZlIjp0cnVlLCJ2aWV3cG9ydE1ldGEiOiJ3aWR0aD1kZXZpY2Utd2lkdGgsaW5pdGlhbC1zY2FsZT0xIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZSwicmVmZXJyZXIiOiJodHRwczovL2Rhc2hib2FyZC5zZXp6bGUuY29tL2N1c3RvbWVyL2xvZ2luP3V0bV9jYW1wYWlnbj10cmFuc2FjdGlvbmFsJnV0bV9tZWRpdW09Y2hlY2tvdXQmdXRtX3NvdXJjZT10cmFuc2FjdGlvbi1lbWFpbCZ1dG1fY29udGVudD1vcmRlci1jb21wbGV0ZWQmdXRtX3Rlcm09In0sImJ1aWQiOiI5Mzg0OTE0MGE1Njc0ZjhkYmJlMmE4ZDVhNTNmYTJmNiIsInN1aWQiOiJiMDYxNjU0NTFkNTk0MjQ5YjllZWJmZTQzMGViYTQ4NyIsInZlcnNpb24iOiI3YzJhY2UzIiwidGltZXN0YW1wIjoiMjAyMi0wNy0xM1QxOToyOTowMy41NzJaIiwidXJsIjoiaHR0cHM6Ly9kYXNoYm9hcmQuc2V6emxlLmNvbS9jdXN0b21lci9sb2dpbj91dG1fY2FtcGFpZ249dHJhbnNhY3Rpb25hbCZ1dG1fbWVkaXVtPWNoZWNrb3V0JnV0bV9zb3VyY2U9dHJhbnNhY3Rpb24tZW1haWwmdXRtX2NvbnRlbnQ9b3JkZXItY29tcGxldGVkJnV0bV90ZXJtPSJ9
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-e651106d52c621064518.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 0
zendesk-api-version: 2022-01-01
content-length: 0
x-zendesk-zorg: yes
x-request-id: d7a356817b06ba9710be574e69b33be3
last-modified: Wed, 13 Jul 2022 19:29:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLjTEulwuc2qkY7sFUBpiSIZUQSC%2BrxAPFBY1xZUxPecbau%2Fshx1cmbO6HX7peYODzEFf9BlMc1Hg39JHFR8t140wlvxOPiqsw7v8aFo6rwienzEo3A2PLNJJ26lwLWBxcGjRw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 72a46cdd5fc5bbb6-FRA

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 242 KB
62 KB 133ms
48ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/f0bbbcbef98f212fdab2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fee059163516f87977f291f488826fe8f97b5865a1b40f4119b943a884a3abdb

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 18:29:24 GMT
content-encoding: br
age: 3579
x-guploader-uploadid: ADPycdugDcPEbCMTEi4PpdjiBQmzs3NRFL2EsP_YQvWnG2pgqM3xqwVCV9abm46YazCk_sTWslHYVlJYgBdUNPBWY_uc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62689
last-modified: Tue, 14 Jun 2022 13:47:35 GMT
server: UploadServer
etag: "58807cfecad85abbba7b673538b5fc32"
vary: Accept-Encoding
x-goog-hash: crc32c=JC9AAw==, md5=WIB8/srYWru6e2c1OLX8Mg==
x-goog-generation: 1655214455844030
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 62689
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 13 Jul 2022 19:29:24 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4f71db6db6d75014ae0171f4ba2054b978920e0d5f82eeafedd985a9cb32fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 create-event
api.sezzle.com/v1/event/ Frame 0
0 170ms
170ms Preflight 34.214.61.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.214.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-61-66.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Authorization, Content-Type, Access-Control-Allow-Credentials, X-SezzleInc-Client, *
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-length: 0
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
date: Wed, 13 Jul 2022 19:29:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

PUT
H2 204 create-event Show response
api.sezzle.com/v1/event/ 0
773 B 184ms
184ms XHR
text/plain 34.214.61.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/c707bbbdb64dfaa3f851.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.214.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-61-66.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
Content-Type: application/json

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-xss-protection: 1; mode=block;

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=805817303491823&ev=PageView&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin%3Futm_campaign%3Dtransactional%26utm_medium%3Dcheckout%26utm_source%3Dtransaction-email%26utm_content%3Dorder-completed%26utm_term%3D&rl=&if=false&ts=1657740543636&sw=1600&sh=1200&v=2.9.65&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1657740543361.1942054458&it=1657740542982&coo=false&exp=u0&rqm=GET

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 13 Jul 2022 19:29:03 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 26ms
25ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1564540&mt_adid=249070&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x34 config:1.0.0 /
Resource Hash: 472011ddcea684042db4e8e322d8a947158cac28b0fabe7c329609b66ec7ec59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 13 Jul 2022 19:29:03 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x34 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1485
Expires: Wed, 13 Jul 2022 19:29:02 GMT

GET
H2 200 Sezzle_Logo_FullColor_WhiteWM.svg
media.sezzle.com/branding/2.0/ 6 KB
3 KB 24ms
23ms Image
image/svg+xml 2600:9000:224a:3000:1a:9a9d:1e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sezzle.com/branding/2.0/Sezzle_Logo_FullColor_WhiteWM.svg
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3000:1a:9a9d:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ecb150c6330eec924c4ae2143b3d45606cd7355214c53c22a7a6810bedd8b239

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 02:17:21 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 61902
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 11 Feb 2020 17:10:33 GMT
server
etag: W/"0fb7c8e946de60d298e697e3143a598e"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET, HEAD
content-type: image/svg+xml
via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Yga8-Lcs97lWVgE3nF0YyfHHUPmJnb7S19_Iq_IQid5V8QVmYFhXPA==

GET
H2 200 ipdetails Show response
geoip.sezzle.com/v1/geoip/ 234 B
1 KB 601ms
169ms XHR
application/json 44.240.75.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://geoip.sezzle.com/v1/geoip/ipdetails

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/c707bbbdb64dfaa3f851.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.240.75.20 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-75-20.us-west-2.compute.amazonaws.com

Software

Resource Hash

031ad05ef344de024d8a2343efc1d672cdb23ae611d11a50fbf460bc6e8eb48b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:04 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
content-length: 234
x-xss-protection: 1; mode=block;

POST
H3 200 / Show response
o215203.ingest.sentry.io/api/1367589/envelope/ 41 B
59 B 125ms
31ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o215203.ingest.sentry.io/api/1367589/envelope/?sentry_key=e246447fd006401c9579df5fec058052&sentry_version=7

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/c707bbbdb64dfaa3f851.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

436a2baf9737597a3c6b3fedf1d123742136e59786c34d57c9e2718512f87537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 13 Jul 2022 19:29:03 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://dashboard.sezzle.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H2 200 page Show response
rs.fullstory.com/rec/ 8 KB
2 KB 767ms
727ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/c707bbbdb64dfaa3f851.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 09f23a0378fd4e28634e801acb9132f365edfa93bcf802ee99c297fb40dab3d3

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Jul 2022 19:29:04 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1826
via: 1.1 google

OPTIONS
H2 200 create-event
api.sezzle.com/v1/event/ Frame 0
0 170ms
169ms Preflight 34.214.61.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.214.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-61-66.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Authorization, Content-Type, Access-Control-Allow-Credentials, X-SezzleInc-Client, *
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-length: 0
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
date: Wed, 13 Jul 2022 19:29:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

PUT
H2 204 create-event Show response
api.sezzle.com/v1/event/ 0
773 B 186ms
186ms XHR
text/plain 34.214.61.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/c707bbbdb64dfaa3f851.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.214.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-61-66.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
Content-Type: application/json

Response headers

date: Wed, 13 Jul 2022 19:29:04 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-xss-protection: 1; mode=block;

GET
H2 200 m-outer-6262077c14f753400d607dc30e70f1af.html Show response
js.stripe.com/v3/ Frame 9CE5 240 B
572 B 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.sezzle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1277906
cache-control: max-age=31536000
content-encoding: br
content-length: 139
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Jul 2022 19:29:03 GMT
etag: "6262077c14f753400d607dc30e70f1af"
last-modified: Fri, 10 Jun 2022 18:43:47 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 423521
x-content-type-options: nosniff
x-request-id: 688b41e4-033f-4830-b5e9-04fe093bd4af
x-served-by: cache-hhn4036-HHN

PUT
H2 204 create-event Show response
api.sezzle.com/v1/event/ 0
773 B 183ms
183ms XHR
text/plain 34.214.61.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/c707bbbdb64dfaa3f851.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.214.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-61-66.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-SezzleInc-Client: web_customer_dashboard
Content-Type: application/json

Response headers

date: Wed, 13 Jul 2022 19:29:04 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://dashboard.sezzle.com
access-control-allow-credentials: true
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-xss-protection: 1; mode=block;

OPTIONS
H2 200 create-event
api.sezzle.com/v1/event/ Frame 0
0 171ms
170ms Preflight 34.214.61.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sezzle.com/v1/event/create-event

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.214.61.66 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-61-66.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net .fullstory.com .googletagmanager.com .google.com .getclicky.com .getdrip.com .pingdom.net .pardot.com .freshdesk.com .freshchat.com data:; style-src 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' .fullstory.com .googletagmanager.com .google.com .getclicky.com; media-src * .getdrip.com .pingdom.net d36mpcpuzc4ztk.cloudfront.net .freshdesk.com .freshchat.com; frame-src * ; worker-src * blob: ; child-src *
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-sezzleinc-client
Access-Control-Request-Method: PUT
Origin: https://dashboard.sezzle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Authorization, Content-Type, Access-Control-Allow-Credentials, X-SezzleInc-Client, *
access-control-allow-methods: GET, PUT, POST, DELETE
access-control-allow-origin: https://dashboard.sezzle.com
access-control-max-age: 50
content-length: 0
content-security-policy: default-src * 'self' 'unsafe-inline' 'unsafe-eval' ; script-src * 'self' 'unsafe-inline' 'unsafe-eval' d3svog4tlx445w.cloudfront.net *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com *.getdrip.com *.pingdom.net *.pardot.com *.freshdesk.com *.freshchat.com data:; style-src * 'self' 'unsafe-inline' d34uoa9py2cgca.cloudfront.net d3svog4tlx445w.cloudfront.net unpkg.com d36mpcpuzc4ztk.cloudfront.net; img-src * data: blob:; font-src * data:; connect-src * 'self' *.fullstory.com *.googletagmanager.com *.google.com *.getclicky.com; media-src * *.getdrip.com *.pingdom.net d36mpcpuzc4ztk.cloudfront.net *.freshdesk.com *.freshchat.com; frame-src * ; worker-src * blob: ; child-src *
date: Wed, 13 Jul 2022 19:29:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block;

POST
H2 200 csp-report
q.stripe.com/ Frame 9CE5 0
570 B 525ms
174ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 13 Jul 2022 19:29:04 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 6
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9CE5 1 KB
799 B 14ms
13ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 14
x-cache: HIT
content-length: 670
etag: "77711798ecf99b8bb8207cf88a10d73c"
x-request-id: 5afdc52d-fb27-4c8d-aa9d-bb3cad0485da
x-served-by: cache-hhn4036-HHN
access-control-allow-origin: *
last-modified: Mon, 11 Jul 2022 21:59:27 GMT
server: Fastly
date: Wed, 13 Jul 2022 19:29:03 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13

GET
H2 200 inner.html Show response
m.stripe.network/ Frame F9CF 930 B
1 KB 28ms
17ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 110
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 13 Jul 2022 19:29:03 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 131
x-content-type-options: nosniff
x-request-id: 2e7fb738-08bb-4768-bbe6-10e09310eaaf
x-served-by: cache-hhn4036-HHN
x-timer: S1657740544.899035,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame F9CF 0
345 B 472ms
174ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 13 Jul 2022 19:29:04 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 5
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame F9CF 86 KB
16 KB 8ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 106
x-cache: HIT
content-length: 16031
x-request-id: 1d6b69f4-a412-4500-838d-252af30dde1b
x-served-by: cache-hhn4036-HHN
server: Fastly
x-timer: S1657740544.913893,VS0,VE0
date: Wed, 13 Jul 2022 19:29:03 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 122

POST
H2 200 6 Show response
m.stripe.com/ Frame F9CF 156 B
523 B 533ms
179ms XHR
application/json 52.27.131.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.131.183 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-131-183.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

fdfe7562300485acfd6477a0bae5f6ee5d49958a99e96fabe8b3e62c58ce9b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 13 Jul 2022 19:29:04 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21da150e778cbee434f52bb5821b733763959c6f7626192162cb6fb9c9164dab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pro-fa-solid-900-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 19 KB
19 KB 29ms
29ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:04 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:39 GMT
server: cloudflare
age: 77297
etag: "610ae35f-4d48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 72a46ce1cdfc9113-FRA
content-length: 19784

GET
H2 200 pro-fa-regular-400-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/ 23 KB
23 KB 28ms
28ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.0.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78f2234a60cbe6920db07df9663c0b035d9a602d8f7b82e174fc9e0f5bf89ad0

Request headers

Referer: https://dashboard.sezzle.com/
Origin: https://dashboard.sezzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:04 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:58:36 GMT
server: cloudflare
age: 77297
etag: "610ae35c-5b14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 72a46ce1cdfd9113-FRA
content-length: 23316

GET
H2 200 US.svg
media.sezzle.com/style-guide/flags/4x3/ 4 KB
1 KB 25ms
24ms Image
image/svg+xml 2600:9000:224a:3000:1a:9a9d:1e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sezzle.com/style-guide/flags/4x3/US.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3000:1a:9a9d:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 05:39:48 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 49757
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 25 Oct 2021 18:50:36 GMT
server
etag: W/"ae65659236a7e348402799477237e6fa"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET, HEAD
content-type: image/svg+xml
via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: rfSCxUCMC7_00qQe5GzdrOjIcAndR8Rjv5cyCN3lw12bmOy1tNIkaw==

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame 80F6 242 KB
61 KB 96ms
32ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fee059163516f87977f291f488826fe8f97b5865a1b40f4119b943a884a3abdb

Request headers

Referer
Origin: https://dashboard.sezzle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 18:53:15 GMT
content-encoding: br
age: 2149
x-guploader-uploadid: ADPycduW3xhH6_vf6nL88_N5eJAZMfb-MMj5p9sk5jy1tFWmp6TWRRTrptawS4ZOnUIwbH2zXRuVjejwDDvB_ap5F-mKKA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62689
last-modified: Tue, 14 Jun 2022 13:47:35 GMT
server: UploadServer
etag: "58807cfecad85abbba7b673538b5fc32"
vary: Accept-Encoding
x-goog-hash: crc32c=JC9AAw==, md5=WIB8/srYWru6e2c1OLX8Mg==
x-goog-generation: 1655214455844030
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 62689
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 13 Jul 2022 19:53:15 GMT

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 432ms
238ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=13FHV&UserId=4854387292049408&SessionId=5094529785204736&PageId=6498777630576640&Seq=1&PageStart=1657740544101&PrevBundleTime=0&LastActivity=1&IsNewSession=true
Requested by: Host: dashboard.sezzle.com
URL: https://dashboard.sezzle.com/customer/c707bbbdb64dfaa3f851.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ef7e5b607be71390216c30158f981eaf6637cc5f4ad6ea1333ecf08a87128973

Request headers

Referer: https://dashboard.sezzle.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://dashboard.sezzle.com
date: Wed, 13 Jul 2022 19:29:05 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=355731011522150&ev=Microdata&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin%3Futm_campaign%3Dtransactional%26utm_medium%3Dcheckout%26utm_source%3Dtransaction-email%26utm_content%3Dorder-completed%26utm_term%3D&rl=&if=false&ts=1657740544864&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sezzle%20Dashboard%3A%20Log%20in%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1657740543361.1942054458&it=1657740542982&coo=false&es=automatic&tm=3&exp=u0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 13 Jul 2022 19:29:04 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=805817303491823&ev=Microdata&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin%3Futm_campaign%3Dtransactional%26utm_medium%3Dcheckout%26utm_source%3Dtransaction-email%26utm_content%3Dorder-completed%26utm_term%3D&rl=&if=false&ts=1657740545139&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sezzle%20Dashboard%3A%20Log%20in%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1657740543361.1942054458&it=1657740542982&coo=false&es=automatic&tm=3&exp=u0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.sezzle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 19:29:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 13 Jul 2022 19:29:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bat.bing.com
URL: https://bat.bing.com/bat.js

Domain: ws.zoominfo.com
URL: https://ws.zoominfo.com/pixel/6195602f264b7f0014449dea

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1101490&time=1657740542984&url=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin%3Futm_source%3Dtransaction-email%26utm_content%3Dorder-completed%26utm_campaign%3Dtransactional%26utm_medium%3Dcheckout%26utm_term%3D

Domain: t.co
URL: https://t.co/i/adsct?bci=3&eci=2&event_id=627ade60-3917-42b0-ab93-31cbad460664&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=b03f77ba-278d-4348-a2f6-981758378909&tw_document_href=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin%3Futm_campaign%3Dtransactional%26utm_medium%3Dcheckout%26utm_source%3Dtransaction-email%26utm_content%3Dorder-completed%26utm_term%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o18vo&type=javascript&version=2.4.12

Domain: analytics.twitter.com
URL: https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=627ade60-3917-42b0-ab93-31cbad460664&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=b03f77ba-278d-4348-a2f6-981758378909&tw_document_href=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin%3Futm_campaign%3Dtransactional%26utm_medium%3Dcheckout%26utm_source%3Dtransaction-email%26utm_content%3Dorder-completed%26utm_term%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o18vo&type=javascript&version=2.4.12

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1MJLY6RLKW&cid=2127895446.1657740543&gtm=2oe7b0&aip=1&z=2090637844

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-72079130-32&cid=2127895446.1657740543&jid=187262540&_u=YADAAEAAQAAAAC~&z=1898102217

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sezzle.com/	1970-01-20 13:14:36	Name: szl_wpe_sid_lt Value: 6f33d370-f98a-438c-997e-23a753cf17a4
.sezzle.com/	1970-01-20 04:30:26	Name: szl_wpe_fs_rand Value: 0.053742503664326424
.sezzle.com/	1970-01-20 06:38:36	Name: _gcl_au Value: 1.1.293229280.1657740543
.mathtag.com/	1970-01-20 13:54:55	Name: uuid Value: 156062cf-1cfe-4900-9298-6a1e6054b8ae
.sezzle.com/	1970-01-20 22:00:12	Name: _ga_1MJLY6RLKW Value: GS1.1.1657740543.1.1.1657740543.60
.mathtag.com/	1970-01-20 05:12:12	Name: mt_misc Value: mt_bt:1
.sezzle.com/	1969-12-31 23:59:59	Name: fingerprint Value: c5c3d231aecb8a72e92e1eb6b8cbebf1
.sezzle.com/	1970-01-23 20:09:19	Name: trk_id Value: 6a52e5fe-855e-4ded-8638-f00e34ae9b2d
.sezzle.com/	1970-01-20 04:30:26	Name: _gid Value: GA1.2.891140036.1657740543
.sezzle.com/	1970-01-20 04:29:00	Name: _gat_UA-72079130-32 Value: 1
.sezzle.com/	1970-01-20 22:00:12	Name: _ga_FB5QYFCQBC Value: GS1.1.1657740543.1.0.1657740543.0
.sezzle.com/	1970-01-20 22:00:12	Name: _ga Value: GA1.1.2127895446.1657740543
.sezzle.com/	1970-01-20 06:38:36	Name: _fbp Value: fb.1.1657740543361.1942054458
.sezzle.com/	1970-01-20 04:29:16	Name: szl_wpe_sid Value: 31617d24-ebd1-436d-85c9-d90bbb53bc56
.dashboard.sezzle.com/	1970-01-20 04:29:00	Name: _szl_login_success_url Value: /
m.stripe.com/	1970-01-20 22:00:12	Name: m Value: b8ef67af-dd9c-4cc0-a4ae-67cbfa8e9806d75ad2
.dashboard.sezzle.com/	1970-01-20 13:14:36	Name: __stripe_mid Value: 7c8164aa-1d38-4577-b67e-4f078fb3a5ddfacb73
.dashboard.sezzle.com/	1970-01-20 04:29:02	Name: __stripe_sid Value: f832e48a-1518-42de-9ee2-bd7c3cc5c4ef1d9cf0
.sezzle.com/	1970-01-20 13:14:36	Name: fs_uid Value: #13FHV#4854387292049408:5094529785204736/1689276543

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-MX2HJWM(Line 46) Message: Refused to load the script 'https://bat.bing.com/bat.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	Message: Refused to load the script 'https://ws.zoominfo.com/pixel/6195602f264b7f0014449dea' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term= Message: Refused to load the image 'https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1101490&time=1657740542984&url=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin%3Futm_source%3Dtransaction-email%26utm_content%3Dorder-completed%26utm_campaign%3Dtransactional%26utm_medium%3Dcheckout%26utm_term%3D' because it violates the following Content Security Policy directive: "img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:".
security	error	URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term= Message: Refused to load the image 'https://t.co/i/adsct?bci=3&eci=2&event_id=627ade60-3917-42b0-ab93-31cbad460664&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=b03f77ba-278d-4348-a2f6-981758378909&tw_document_href=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin%3Futm_campaign%3Dtransactional%26utm_medium%3Dcheckout%26utm_source%3Dtransaction-email%26utm_content%3Dorder-completed%26utm_term%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o18vo&type=javascript&version=2.4.12' because it violates the following Content Security Policy directive: "img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:".
security	error	URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term= Message: Refused to load the image 'https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=627ade60-3917-42b0-ab93-31cbad460664&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=b03f77ba-278d-4348-a2f6-981758378909&tw_document_href=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin%3Futm_campaign%3Dtransactional%26utm_medium%3Dcheckout%26utm_source%3Dtransaction-email%26utm_content%3Dorder-completed%26utm_term%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o18vo&type=javascript&version=2.4.12' because it violates the following Content Security Policy directive: "img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:".
security	error	URL: https://www.googletagmanager.com/gtag/destination?id=G-1MJLY6RLKW&l=dataLayer&cx=c(Line 49) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=2oe7b0&_p=137146823&_z=ccd.v9B&_gaz=1&cid=2127895446.1657740543&ul=en-us&sr=1600x1200&_s=1&sid=1657740543&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin%3Futm_campaign%3Dtransactional%26utm_medium%3Dcheckout%26utm_source%3Dtransaction-email%26utm_content%3Dorder-completed%26utm_term%3D&dt=Sezzle%20Customer%20Dashboard&en=page_view&_fv=1&_nsi=1&_ss=1&ep.cookieDomain=auto' because it violates the following Content Security Policy directive: "connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://*.zopim.com blob: data:".
security	error	URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term= Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1MJLY6RLKW&cid=2127895446.1657740543&gtm=2oe7b0&aip=1&z=2090637844' because it violates the following Content Security Policy directive: "img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:".
security	error	URL: https://dashboard.sezzle.com/customer/login?utm_campaign=transactional&utm_medium=checkout&utm_source=transaction-email&utm_content=order-completed&utm_term= Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-72079130-32&cid=2127895446.1657740543&jid=187262540&_u=YADAAEAAQAAAAC~&z=1898102217' because it violates the following Content Security Policy directive: "img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:".
network	error	URL: https://api.sezzle.com/v4/users/auth-status Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://www.googletagmanager.com/gtag/destination?id=G-1MJLY6RLKW&l=dataLayer&cx=c(Line 386) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-1MJLY6RLKW&gtm=2oe7b0&_p=137146823&_z=ccd.v9B&cid=2127895446.1657740543&ul=en-us&sr=1600x1200&sid=1657740543&sct=1&seg=1&dl=https%3A%2F%2Fdashboard.sezzle.com%2Fcustomer%2Flogin%3Futm_campaign%3Dtransactional%26utm_medium%3Dcheckout%26utm_source%3Dtransaction-email%26utm_content%3Dorder-completed%26utm_term%3D&dt=Sezzle%20Customer%20Dashboard&_s=2' because it violates the following Content Security Policy directive: "connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://*.zopim.com blob: data:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .sezzle.com .plaid.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' unpkg.com .fullstory.com .googletagmanager.com stripe.com .stripe.com .google.com .zdassets.com .fontawesome.com .sentry-cdn.com .facebook.net .ads-twitter.com .licdn.com .google-analytics.com .twitter.com .sezzle.com .plaid.com .gstatic.com .mathtag.com; style-src 'self' 'unsafe-inline' media.sezzle.com media.eu.sezzle.com drdhqbag1wemm.cloudfront.net .fontawesome.com .googleapis.com https://.typekit.net; object-src 'none'; img-src 'self' media.sezzle.com media.eu.sezzle.com .zendesk.com d34uoa9py2cgca.cloudfront.net d2my4y85x5sd20.cloudfront.net .google-analytics.com .googletagmanager.com google.com .google.com lipis.github.io .facebook.com .doubleclick.net .mathtag.com .amazonaws.com data: blob:; font-src 'self' .fontawesome.com https://.typekit.net .gstatic.com data: blob:; connect-src 'self' .sezzle.com .google-analytics.com .googleapis.com .doubleclick.net .zdassets.com sentry.io .sentry.io .zendesk.com .fullstory.com .fontawesome.com https://sdk.iad-06.braze.com https://.zopim.com wss://.zopim.com blob: data:; frame-src 'self' .sezzle.com .plaid.com .google.com .stripe.com .mathtag.com; child-src 'self' blob:; base-uri 'self'; form-action 'self' .sezzle.com; prefetch-src 'self' .sezzle.com .plaid.com; frame-ancestors 'self' .sezzle.com .target.com https://virtual-card-qusqndi-vkuk3vuaqjlrw.us-4.magentosite.cloud .gamestop.com gamestop.com https://development-test-gamestop.demandware.net https://.sandbox.us01.dx.commercecloud.salesforce.com .travel.win travel.win reservewithrex.com .reservewithrex.com driveshack.com .driveshack.com puttery.com .puttery.com .auruspay.com .aurusepay.com stripe.com .stripe.com .bestbuy.com bestbuy.com .dollargeneral.com;
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.sezzle.com
bat.bing.com
connect.facebook.net
dashboard.sezzle.com
edge.fullstory.com
ekr.zendesk.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
geoip.sezzle.com
js.stripe.com
ka-p.fontawesome.com
kit.fontawesome.com
m.stripe.com
m.stripe.network
media.sezzle.com
o215203.ingest.sentry.io
p.typekit.net
pixel.mathtag.com
px.ads.linkedin.com
q.stripe.com
region1.google-analytics.com
rs.fullstory.com
sezzle.zendesk.com
snap.licdn.com
static.ads-twitter.com
static.zdassets.com
stats.g.doubleclick.net
t.co
use.typekit.net
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
analytics.twitter.com
bat.bing.com
px.ads.linkedin.com
t.co
ws.zoominfo.com
www.google.de
104.16.51.111
104.18.70.113
13.224.189.106
151.101.128.176
162.159.128.7
199.232.136.157
2.18.233.201
2001:4860:4802:34::36
2600:9000:224a:3000:1a:9a9d:1e00:93a1
2606:4700::6812:1634
2606:4700::6812:1734
2a00:1450:4001:800::2004
2a00:1450:4001:80b::200a
2a00:1450:4001:827::2008
2a00:1450:4001:827::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c08::9d
2a00:1450:4014:80f::200a
2a02:26f0:3500:16::215:14a0
2a02:26f0:480:f::213:7ee1
2a02:26f0:f7::5c7b:e0e0
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.120.195.249
34.214.61.66
35.186.194.58
35.201.112.186
44.240.75.20
52.27.131.183
54.187.159.182
00b22acaee00348b43178cc978e585d5fe9fa363c2bd585bb16ba055b5acc32a
01d947313355bde055e756d110e9a21784fb847b4683032ae7abcf571eca3487
0275081115b0ebc8f125f2254abb12cf10ff6e5505a2567829dc3118810357eb
02b765124c05d1549800be151e11a8176d3be91cde2156a34ead7898db646ec8
031ad05ef344de024d8a2343efc1d672cdb23ae611d11a50fbf460bc6e8eb48b
06a4a3516beb220a8dfe46cd20f0e6f069776b9209ac9d64f850820718ad076c
06be02d32c46931775ffff6b1d5f6258088d6b7e71f5b8135c9a8a477577ad9b
07d90a55978a1ee29dffcf12a7fed9dd0f589b86f56041c32ad454eddf4cd16e
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
09d0829c8f1e4735fca774f572d71ebf4d86388eb2232775465b3b0bbd4a8da0
09f23a0378fd4e28634e801acb9132f365edfa93bcf802ee99c297fb40dab3d3
0a02cb2d7190c4675ee2cb667418b06615b563bc0b541fa4964518f48e98dfd2
0b335749a1e0a6e2c844a0989b3aaee5d721aea660e4cfd10b24695cc072443a
0c0964427e7f1dad59bf2de479e3d5b821158349a6994771eccec9a8fa42fdcf
0d329a63809e72cb02be9bfdfdebadbb9e6ca8435a7b4fda8d9e98619bedb5cc
0eb370e2ba65eeb0cb70f476da9ad423328cbdf9578d7ae1ed5ab90861550c98
0f31ce377e43068f03f0619869467481ffaeb136e3f955aa583d7c0b749b6135
10c2be6f77a3fa71ca4e42f8066abfe1c4d47e8ca801205f0bb3a186e593013d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1355ed601cbb008bc04077a18ae189d63c726d74f7e89f8df58d836db39843f6
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
15cb59031be4f1fb4d69d3f507d8c22b23f12f54b3031411b17ca071c5e55fa8
1772ba0ab7e49ed2f43c7b7edb75b8132ab494773480d9f9efceb5701487b61e
1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c
1bc1996e9ae553a563d862ac5461e8b1bf5ba1a549a25ff6285d05e812e55fa7
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1fa45cc1f95a1059d5238f3d9bb32f023cbe1c6cbca0cc353bf486aeba105d1a
217bbe61a30d8bed7453ec94816e327c7e14434d113ad52001625e5133e27916
21da150e778cbee434f52bb5821b733763959c6f7626192162cb6fb9c9164dab
243f9d779ad08be3c821c3298adcc3afe6e5fccb8b44074166ef40d10e50a2b7
246dffcc6f948d6f7dba15fe52e7fb21e52fa622be7f5052aa7759563487b667
265d9d48e62f691b091d38decd33bdd0a8735a795a2e53c28cf4f2ff75c19d3d
266316616704a66ea066029591c7ca4e67f8ff75f8ac04d3694376710a14e50f
2874ff82fd35a93853e9c47ff33f01ac5d025bf9aca9d55e22699d3313fb7854
28e03d95de1d6444e26efc6484735604a2b3018292b522809e8ecf7d67c0bac7
299a87a8277c1ce916155d0e217027fc523eab2384b588592ce9376e9dee2006
2a24c81e86571512ea0c79ebdf51485e4968d43a29b9692b15038ec001416480
2d3ea739e10e1df54f7c4088baad87521523a47cd4138dcaa0094c3e39487c45
2f63e4b13a6b63ba7b78e00d0c89665747c76aea319fe0bd09b26fbb14793686
30a45e74f8f90d09853e72aac6d92021f75df8f9844d49d5805255b895e3238e
319264e23a2f4de1c31be28ed5d9524e35012f24fa80fc81815ec387883a72ac
31eebbe9a7f787bd7d0f2f86a9339150d8a6d101569aa3a03f777495020e8800
3230f327083173b54fdd0553bea0f9c8725302a56cf3607feab3457d426acb1a
3385fae722ba5529f7fc7f5bd67bb3d3d784644f56665830ce97365e946c8489
3672428c5033cdd24029908c8e8637854ee76a89c83a03c569e432f1010aaaab
370b249474328d7657de3b80acbe154049acfaee5b738fb5786dfe399ebbcd55
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
38a45f0ea9c762e1d320d0c82aac79d3003e25f1433b4f6582aff94c5c8862fc
39492b6fcaa54dac72035a607cebf2cf9d37506692c1e12a703adee40744edfd
39f5ba0634621ed74d8813a3a09e722eee8c594fd0f143e226d5fd580cb7c2a9
3a09af7a73a0fed67ca0f5d4148f9da550c6ecdd4d3eac3fa146d67ff5df66d2
3b57968e5b7025726b4b52dacc2405bb99b68a21d50e7d204be62a346c02646f
3c133993fa1d55fcf049df50f4029fdf0894e023a81fbbffd415e2c26b704ef3
3fdf1610adbc4accd9d073e7433526c2f9ffc92abc3d5283f374834fd4cd7c45
41805f96ffbdb4f7f2318e0593e225d1c3ae9520767f322bee225bbf339c2d2d
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
436a2baf9737597a3c6b3fedf1d123742136e59786c34d57c9e2718512f87537
43d6f58849e2ca27962efc6695fd774074ea2f01019d45b91dab71ec8b69286e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46c4375755f86089630a9d0013451ffa50d2977611a84937ca100bfcab6406dd
472011ddcea684042db4e8e322d8a947158cac28b0fabe7c329609b66ec7ec59
4b08278581fa84850654186f4a5d37f9b296cf21f1917c90c6d1597110cc0a00
51443c903e562eb78e2082bfc7c361c9387946eb1bfd36cedb466f2824dcb248
5305aaae3a8167077c0cc9a27297eab8d9de96608e504603381adf766da79b91
54bcaab738f12bc64efbb3682017dcf157343ab550db304002880d57fe8ad760
54d4c0a4361097c9e2aa32993c35d3e478255f81c79a1183eddc93290fb6ce7b
56495fd469fe40eb081bbd3cffffaf2534e3fa98428b4ffc071b4ba3c293a544
56b0e6718f93c5249b985bc45a1ccc66554ab920d07dfe6a3c47c8b6791edec5
58db900dd31e630f1cd80ff2bb7a0e31d93f6befe06f2d8c715078fafc316bf5
5cc50534d2c6f552bdc9b2d131eb35def188bf4509b9090bd7465703024b4f4f
5d6b8ae4f1b7f5b1d3733bba32609481ff510dea54306e5e8f5ae1afe7321e43
5d8634da3d64179d9f4ea0f5539304c12263acdc8c3a914d7d1a51b42c3caf68
5e0b3c1337547f46b0fb0e60e9e30ba2b029af2539840fe7ee90e9b4470b9060
5e105ff3de96d740e37cbcca0c405321678f011427bb219b5624674aa251151e
5f12f09e6d8fdcaf0d9e4e509547a8cf465161484613402aaaae4a82c2fe2ce7
61700a2d3f137a6f8e93a340eaa75eac89b24186a831b69e82e5ed6d0e28000f
63681b10110fc95a23ffc7d3fd4929211e0f0ea28c62be920d9c7e6d3a46e848
64a6354874e6e524ca1f04b74f93c549db39e0affee8cbebbfa2741f8f8cc689
6579d23302aa1fa5cf46115ce0903aeee261e64ec20ffdb2b1f6ab2ad0b0d3e3
664b7437f0be6a1b81d05898e82d23ead604f9c0e6e55cdc12b62517d569bda5
664c82cf59e5a61b3c5f169f614e94d3648bcba0bccb817fca5a036fa7e40f4b
67fc947ed9ee59a0376d14e79bb1b3c2c87a39208540c6b6e0f5828286c90321
68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357
69b41f55b1e7ef9d4a3f06d9578f7c48c7fffecec759348ba8512315d3cd7741
6adae5c0a26e3a7f8568b8f30fb6a9b07f6096406f8312fe9e9c652dd774a885
6c09308e52045f50e04a9d02ae3167a9dc3682c195ced511dfdab7f4fa71d4fa
6c7dca6d52e3f77ba9da0918ed1f7c3fe25b695e5df6ce2a62964ffc18074d4b
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
702d3c0fa8237164cccdf50a1b39dec1536e6d3eea633b2cc2939307a825ee7c
72bd7c95a20e97ee7d236f202facc16695a4e544be46658ba74ac6c98d8b2031
741fab88f75482f0c773f850e7bf60fed803b51158368bcf192269267abd355a
7447c7e9d16fab9d4b2221a9260ecfca79767bb30610ae93c5b71eacfcb4129d
76241f4423016893e64d057aee68869beb1b053e58c5bb1fb6d971ddcd660071
78f2234a60cbe6920db07df9663c0b035d9a602d8f7b82e174fc9e0f5bf89ad0
7ee3dd3b6c64183225b852cf702bf91f8f2e1c86b2f0a4ee5f6c8d59650fdfcb
7f133b4d841dff6b2dad6f38d57a9dd5c570b772812c32d1f0599946b02ffef0
7f77dc76a922ecdb55b085d1a6e7da778e76031a0e0ee558f191e428d3a76f56
805cc4d6f62da45301cd673375fb6687c06c929984590b2c3c52c7f4b3b6c89a
82988551aab5294f5da54af0bc5c19a6c303d8f7a7a34c033cb73b8f96bab221
83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858e97143a99eaf7b6c6495bdeb08aedfc73b5f8b39a7b3de047d4951190f891
8643c9e06437c2a87960338dbb506e26f6e6c3f56fefa04dc4e379a72f69afcc
8a6bec2e7c678155ea3b2db604ed2613ceddd3ca8ea5677d0e618a58f4ce9621
8b7bc2f983617c2e5281aa12c51be37ea896c74c79b840ca07efc458fe12e50d
8c87bcfd99d702dcd06a7050cc19fd5ccb9df144517fc93011665f29fc59c4e6
8f75623c7a7b40c5f87fea61a2a22822f6be0a3ce280259e5f65038f001b5afa
8fbea840649683638aa2b51ff23bb57f8acd9200ff44620f0091798b47025135
91350c99c9ce838d8890004fcde546ebbce0f0003dcaf2b9428e7b257b8f16b9
9536cff93290d9d78b7d38eb8bb55b8c0fb88774e04322add4b01810604331d0
96fce747f300ae358e4647572f6fdefc92cbc242c0f50100f8e66b5bff58c5d9
997202b5155b8f17b5a551e2480031890f295b1b1fe88caa33e82e0271cdf6e2
9a02d91fed7d1b6229b095bc4a80ee4c9af9d7cf4e77f9920a3c4be6c1f9cd47
9c4f9aa98e066966b3cdb257121a4c68b665adbf19c7f6e0e1aa680c4c171346
9f4aaf906fcb6d51837e379cc5186b70a247110ad332b4a847f2a16f136b9ad8
a1140de8dddf7579e2283c4f3cdbdbc809766b50e2ccdbeba309e9eea3366e45
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2bc52b0f103165a5aa516b2fb3d355b68a4584f606d48207c5f9867c0549ad1
a333d8ac6e13a20b33aedc9b6ccb912e0b8e74de68099e17246fc8b0d22a142e
a3be7c9f6eb304b5336f733c7020e8a08b10b32498017fdf270826af6e2312dc
a59ac73c5a79ac711fec87d2decc18aa91cb95a121741f168536963d7cb08fb1
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a7ba73ee0b023676903685f612e52582b51252a4a7a1c8f9d03b013926655185
a81b58837acba4e0e4d4d7ef7f40dfce45398f7a3964da1d8bcc435415cbba3d
a81d8b0ed1bd6f2cf4bf436baa4949c0e6ca2872ca0bcd8de987af1fd153b976
a88354dca1209536939811baf648769d736f6acf82bcd67b4656cc91b7f3bcc8
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60
a917a00626af95050f6ab8b93382d16e60d0346830e38c1e03e7add6383c3a75
a9400c004f5cea56b173d2f17493d9eddddad50eb75b29593989c66e80fedc81
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
aa72712e9bcd83d454c03ec9dcbaf1962765f5078c92a639b83fef57bfefb6a2
abb77bae58f4974530fa051380ec08241ecbb1cfe3e9d5c65386870b4914ff80
abd102f0705b25074ca8daaba3953839e08dfc372368174a3b8d3c97bc508960
ac317bf8496a4d232247958a1be73e38318d06c580c0e53cfce3163cce75712d
ae0bed62b4fb523fb13faa0ff67810b563ddff986942582f7027c132cebee0b9
af9704e7822702d3e0bf38f16c54be0e613b36b2e8c1aa59616c2c3896fa27a4
af9ce7b60d48b7dff365f1080339b55ea23774aaa58ed2f05c59de5336dcd3d4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b534de94378851860ffae1ab94fc2bbb1ed374bdc4a99d635b043c9badda9a52
ba66a3782636667fbbb0a71e380bc34841142c2399cb0b49ee570d14c275c1fa
badc476f290efa1588b6d34d18cba43214487bdae4f0a1b6f4f65b83359ce948
bb47b4a4a330108da2a5367eb21e6f6ff1473f73d8526516117ff76d4440fded
be2c2382281b61622b8098d0e1928ff7f33736fef24569d63b8b6b708ea2ebba
bea9271b88bc185ffb9cae6b1b26fbec8d2da3bfc9515dc3ce652a3d38a72304
bf416f865d8acfa473483bc09d259bab50ad852864b9c0da431ad40dcf49e7ae
c0cbc9bf1b8a07fdfaf803c1ea0fd8ba4602c58eb3de6d23410d41b3b3814c4f
c22ca97eba1179e35d560b5916291f94342f53b8c4960c3d4b7e38c9f5bfe7ab
c27ba18d7c612c4bca30ae8877cf35f6ac94cac8ec5d927170f2f185f5fa557f
c43f7f438447b69d0fc0d95d932d29567cd29a40c44e6a8985c3c5e41359ec11
c5c9c2246fe20b955805e8c380082bdb8663625e734a043af930b3e562991c33
c6689605c72a2e32bad99cf2eb278c6fcabdeb91e8d2c7c52f4181a07a4cf35c
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
c899bf1fc4c5be83bfa84d8bc8dc406e3b0a74e2e1c445922527c6436803318b
c90e217a6294eb8663ebf9e85d7554f036df29a67551d13356d8b4430d3fed24
c910f3dcaf1b3fc20a9b6c11ebe877778fbdb6b2aa7e537aa1e8e5fe034e803f
c9ab4826c6e425e81f3f1608d04fe49b75188feddb511d72e87020699e4f12c7
c9c03bccb34d6e726a28626f2ca18db67e3ca92efdf940f598a6c48fc5eee7e4
caf8da20dd2adcaa11d6cb880b6dbe72efd3a42998ed6fb670353badd3cda187
d3ec38880e1d4c155e50155d6be97de1ebe52d06d9deacb46ee24f3631da7e33
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
d46df087d03f36f4057c47d5069d1cfb67714c66fd2582d84be7c549706e3af9
d4f71db6db6d75014ae0171f4ba2054b978920e0d5f82eeafedd985a9cb32fb8
d6e0719cc49d3e6a4e86818ce11af40933c5c4cd9973226108899b958d3f138d
db086022e0cb0bfafe95312964939ffc4b189062ca7a5e67d9123a180adcfcb8
dc32df24e5cd0cd3a47fb3776ec7eb84b31fd7bc28b1f7bb5240af646c56956b
dc9bf02f2d27bcba66e58a4b479288607675333ab107d8503fdd40df02e03337
dd99c7f69185bd71c099066d43bf9a955fead8d03984e02359bb17f3562230e7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0da09ee26efd6fe00a8ed0e458d12ed13f2a2ebb132828f5b89edd05e17bdb5
e118a32ab33632807692ee903bcf8c467206d68373844d7433a02622d38cf825
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e1ffd506c4ca5d42290e3a5cdea40b93198b1a7b02b8f9c02ec971cc25c738
e4c5459d819a43cb932eaf1340a87a5fb84c2f8ead7cf64648453f70790efb31
e595ef84d0997114bc7ea75b54c62ddd82635c817a73a783e8636a3d384a23e9
e7f9a744a9e69d1fcb6a6ec655b35e68b8b859be97e07c7f66d95933e4c9619c
e8eefcf94f99953fe19ec48d301b71c2d80e4c308c617685cd3a7acab90453c8
ea9dcb64755b04886f9ac8b9562691f9eec1d2120a1f5ed27afee2f283a943f8
eb9a7a913ff45ec40d0d1de3bc758d84bb01d68b6670721675dc2d9bd9e4750e
ec10d198bd5a2a6320c7b1d8996446f408eaa9a425546536dae01b325860c084
ecb150c6330eec924c4ae2143b3d45606cd7355214c53c22a7a6810bedd8b239
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7e5b607be71390216c30158f981eaf6637cc5f4ad6ea1333ecf08a87128973
f19fffab3ee90eca96e94bd6a7c295045f1ce8b03763797f301b3b84598020ae
f2634c29e0db95a05c8d14971a8ee1ec6604694c0b095244ac34fdf2342cf98d
f27db8853d89cc5e26f09104092abfa99af8b98bd284f0b771de2067920a6faa
f2de4122efe112141dfbd6c764c7e3b0d5941c57e9e30c3db5b464a16e2a4c74
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f59dbff4fa2ae6c7370f7bf8f33a9965105e69bc2ee82fee119b506ea9205b1f
f7f48deea4e4a0fe941a1b91bcdf2b0609f227ec47b9a0488ebd004d3047c77d
fa014788b4375e3e3657c15713e45e2a583d07ccd80bf7111238b4da4ffeabd1
fa731600f228489feceeea027f3383c8cec913b3d87dfe82b1d7d51cdfe4c7a9
faa31b4c1e091eb9ad03faba986aa6ef96af89a61c0dfbede260426690dff751
fba24e79f1255f365b46b70837e9201e45f045c3c5509bfc24240326820a1366
fc77a3f2e123aa4efb360f2ec4b75caabb31c58c5a14fb7a59b994d3b17989f7
fdfe7562300485acfd6477a0bae5f6ee5d49958a99e96fabe8b3e62c58ce9b63
fe2ddd6430b01428063f6923a396392fdc93447073619d855f4dc4ff0087ed29
fee059163516f87977f291f488826fe8f97b5865a1b40f4119b943a884a3abdb

dashboard.sezzle.com Open in urlscan Pro 13.224.189.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

227 Requests

97 %HTTPS

55 %IPv6

26 Domains

38 Subdomains

32 IPs

5 Countries

3791 kBTransfer

13875 kBSize

19 Cookies

2 Outgoing links

Redirected requests

227 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dashboard.sezzle.com Open in urlscan Pro
13.224.189.106 Public Scan

Screenshot
Live screenshot

Full Image

227
Requests

97 %
HTTPS

55 %
IPv6

26
Domains

38
Subdomains

32
IPs

5
Countries

3791 kB
Transfer

13875 kB
Size

19
Cookies

227 HTTP transactions
2 data transactions