Submitted URL: https://shop.lavita.com/
Effective URL: https://shop.lavita.com/de?region=DE
Submission: On September 24 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 69 HTTP transactions. The main IP is 91.204.44.204, located in Nuremberg, Germany and belongs to NETCUP-AS netcup GmbH, DE. The main domain is shop.lavita.com.
TLS certificate: Issued by E6 on September 1st 2024. Valid for: 3 months.
This is the only time shop.lavita.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 33 91.204.44.204 197540 (NETCUP-AS...)
2 2400:52e0:1e0... 60068 (CDN77 _)
16 34.96.75.226 396982 (GOOGLE-CL...)
7 148.251.5.29 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
5 13.225.78.64 16509 (AMAZON-02)
5 142.132.242.83 24940 (HETZNER-AS)
69 8
Apex Domain
Subdomains
Transfer
36 lavita.com
shop.lavita.com
tdata.lavita.com
api.lavita.com
571 KB
18 lavita.io
assets.lavita.io
openreplay.lavita.io
sentry.lavita.io
266 KB
7 ccm19.de
cloud.ccm19.de — Cisco Umbrella Rank: 146018
48 KB
5 trustedshops.com
widgets.trustedshops.com — Cisco Umbrella Rank: 47926
61 KB
2 plausible.io
plausible.io — Cisco Umbrella Rank: 9534
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
95 KB
69 6
Domain Requested by
16 tdata.lavita.com shop.lavita.com
cloud.ccm19.de
16 shop.lavita.com 1 redirects shop.lavita.com
cloud.ccm19.de
10 assets.lavita.io shop.lavita.com
7 cloud.ccm19.de shop.lavita.com
cloud.ccm19.de
5 sentry.lavita.io shop.lavita.com
5 widgets.trustedshops.com cloud.ccm19.de
4 api.lavita.com shop.lavita.com
3 openreplay.lavita.io shop.lavita.com
2 plausible.io shop.lavita.com
plausible.io
1 www.googletagmanager.com shop.lavita.com
69 10
Subject Issuer Validity Valid
lavita.com
E6
2024-09-01 -
2024-11-30
3 months crt.sh
plausible.io
R10
2024-09-02 -
2024-12-01
3 months crt.sh
tdata.lavita.com
WR3
2024-09-06 -
2024-12-05
3 months crt.sh
cloud.ccm19.de
R11
2024-09-09 -
2024-12-08
3 months crt.sh
lavita.io
E5
2024-08-26 -
2024-11-24
3 months crt.sh
*.google-analytics.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
widgets.trustedshops.com
Amazon RSA 2048 M02
2024-05-25 -
2025-06-22
a year crt.sh

This page contains 1 frames:

Primary Page: https://shop.lavita.com/de?region=DE
Frame ID: D76B62DB9CB65A73323E42F20C522A8D
Requests: 65 HTTP requests in this frame

Screenshot

Page Title

LaVita Online Shop - Das Mikronährstoffkonzentrat kaufen

Page URL History Show full URLs

  1. https://shop.lavita.com/ HTTP 302
    https://shop.lavita.com/de?region=DE Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • plausible\.io/js/plausible\.js

Page Statistics

69
Requests

99 %
HTTPS

29 %
IPv6

6
Domains

10
Subdomains

8
IPs

2
Countries

1043 kB
Transfer

3112 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://shop.lavita.com/ HTTP 302
    https://shop.lavita.com/de?region=DE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request de
shop.lavita.com/
Redirect Chain
  • https://shop.lavita.com/
  • https://shop.lavita.com/de?region=DE
140 KB
32 KB
Document
General
Full URL
https://shop.lavita.com/de?region=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
88ef5abebfed19a8cdf4c47d4bd65d6125a6cfa5ff59222de68f36e9c9a07408
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, sentry-trace
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-max-age
86400
content-encoding
br
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
content-type
text/html; charset=utf-8
date
Tue, 24 Sep 2024 11:53:54 GMT
etag
W/"bbebcb935fd712c7cd9c75c25e408d49"
last-modified
Thu, 19 Sep 2024 09:10:03 GMT
server
nginx
strict-transport-security
max-age=15724800; includeSubDomains max-age=63072000; includeSubDomains; preload
x-amz-request-id
tx00000e3d03f50ea9c3a94-0066f2a852-163c956-website-object-store
x-content-type-options
nosniff
x-frame-options
sameorigin
x-limit-req-status
PASSED
x-request-id
72fb79e67528e4590bbe6825113f1bd1
x-rgw-object-type
Normal

Redirect headers

content-length
138
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
content-type
text/html
date
Tue, 24 Sep 2024 11:53:54 GMT
location
https://shop.lavita.com/de?region=DE
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
sameorigin
x-request-id
a4861002fb38f2a7e47db1cc82b4a980
plausible.js
plausible.io/js/
1 KB
1 KB
Script
General
Full URL
https://plausible.io/js/plausible.js
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/de?region=DE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
965387ce9489d0167cf33444ab52d064bb3fab35e94b12082ff5eb00a34c070c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

cdn-status
200
content-encoding
br
x-content-type-options
nosniff
alt-svc
h3=":9443"; ma=2592000
date
Tue, 24 Sep 2024 11:53:54 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cachedat
09/24/2024 11:53:50
cdn-cache
HIT
cdn-requestpullcode
200
cache-control
public, max-age=3600
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestid
828d41a708f79bbfd0d493241cdd8667
cross-origin-resource-policy
cross-origin
cdn-pullzone
682664
cdn-proxyver
1.04
application
127.0.0.1
permissions-policy
interest-cohort=()
access-control-allow-origin
*
cdn-edgestorageid
1081
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
exponea.min.js
tdata.lavita.com/js/
186 KB
56 KB
Script
General
Full URL
https://tdata.lavita.com/js/exponea.min.js
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/de?region=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.75.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.75.96.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3a5f599a6355e5708ad7d040b8ab4f451310b98fe68074b11ba0b4d66f1dc9a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

cache-control
max-age=3600
content-encoding
gzip
etag
"66e2b7cf-df4a"
via
1.1 google
expires
Tue, 24 Sep 2024 12:53:54 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57162
date
Tue, 24 Sep 2024 11:53:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 12 Sep 2024 09:43:43 GMT
server
nginx
app.js
cloud.ccm19.de/
119 KB
25 KB
Script
General
Full URL
https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/de?region=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.59 (Ubuntu) / PHP/8.1.28, PHP/8.1.28
Resource Hash
04306454dbed98cf1bc28c2809ec7a4af494f5634a50e51f61ede7b231652ebd
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload
x-robots-tag
noindex, nofollow
link
<https://cloud.ccm19.de/app.css?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&gen=2&theme=6569adb5685f01fc2d0fde55&v=1726062120>;rel="preload";as="style";nopush
cache-control
max-age=0, public, stale-if-error=3600, stale-while-revalidate=3600, max-age=0, public, stale-if-error=3600, stale-while-revalidate=3600
content-encoding
br
etag
"N55T4lamRlyoaO1ssTaY0XFePvtjNFTZ-br"
age
471
content-length
25332
date
Tue, 24 Sep 2024 11:53:54 GMT
content-type
application/javascript;charset=utf-8
x-powered-by
PHP/8.1.28, PHP/8.1.28
server
Apache/2.4.59 (Ubuntu)
vary
Accept-Encoding
LaVita_Logo_2020.png
assets.lavita.io/cdn-cgi/image/fit=scale-down,w=135,q=75,f=auto/logo/
4 KB
5 KB
Image
General
Full URL
https://assets.lavita.io/cdn-cgi/image/fit=scale-down,w=135,q=75,f=auto/logo/LaVita_Logo_2020.png
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/de?region=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
59ace29fd007f81ce9df7893542e3f29fd1dbce1ed56efce66643b3a4d411cb9
Security Headers
Name Value
Content-Security-Policy script-src 'none', default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
x-frame-options
sameorigin
x-request-id
2977721ffe4e1940a22a7c6d7c8790fe, 4cfb0dde383c700d5aed598700f3622c
content-security-policy
script-src 'none', default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
content-encoding
br
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 11:53:54 GMT
date
Tue, 24 Sep 2024 11:53:54 GMT
content-type
image/webp
content-disposition
inline; filename="LaVita_Logo_2020.webp"
server
nginx
vary
Accept
headerbild_shop_1534x800px.png
assets.lavita.io/cdn-cgi/image/fit=scale-down,w=1534,q=75,f=auto/shop.lavita.de/
57 KB
58 KB
Image
General
Full URL
https://assets.lavita.io/cdn-cgi/image/fit=scale-down,w=1534,q=75,f=auto/shop.lavita.de/headerbild_shop_1534x800px.png
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/de?region=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
a37a2586e7c8b3f4a4ea8d528cb99fa061b2f61e7d36cdc42f756d9cb6a6ac89
Security Headers
Name Value
Content-Security-Policy script-src 'none', default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
x-frame-options
sameorigin
x-request-id
d4fe2fa0b087c3ebbde2d3da7735f7a6, 7567d28c777c14e37545bcd4c23b3060
content-security-policy
script-src 'none', default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
content-encoding
br
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 11:53:54 GMT
date
Tue, 24 Sep 2024 11:53:54 GMT
content-type
image/webp
content-disposition
inline; filename="headerbild_shop_1534x800px.webp"
server
nginx
vary
Accept
gtm.js
www.googletagmanager.com/
277 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WTX95W
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/de?region=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
776c3bcaab06fff6e0930d96133d1fc095b4d510961d49ce7675a9f4ad5aa48d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

content-encoding
br
expires
Tue, 24 Sep 2024 11:53:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 11:53:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
96947
x-xss-protection
0
server
Google Tag Manager
webpack-runtime-de0fdce5740d69ff09a9.js
shop.lavita.com/
5 KB
3 KB
Script
General
Full URL
https://shop.lavita.com/webpack-runtime-de0fdce5740d69ff09a9.js
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/de?region=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
97b8b985a13250c0bbfe025805f42c56de346555c623fe0afcef967b08ea0f85
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/de?region=DE

Response headers

x-request-id
c1bb89c0d72c6b40a60e9d02702ce5d8
access-control-max-age
86400
content-encoding
br
etag
W/"05a26ddf4392070cf59c0ef2d1394561"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
expires
Thu, 24 Oct 2024 11:53:54 GMT
x-limit-req-status
PASSED
date
Tue, 24 Sep 2024 11:53:54 GMT
x-rgw-object-type
Normal
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 09:10:01 GMT
x-frame-options
sameorigin
access-control-allow-headers
Authorization, Content-Type, sentry-trace
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-request-id
tx00000aecdbf42d05b52dc-0066f2a852-163c956-website-object-store
server
nginx
framework-20de9187c99c91f13eda.js
shop.lavita.com/
137 KB
43 KB
Script
General
Full URL
https://shop.lavita.com/framework-20de9187c99c91f13eda.js
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/de?region=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
789a75b5ee3abbdd5cd7c0079a32003e263fd338820b9d2cb849e591ce5fe453
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/de?region=DE

Response headers

x-request-id
a7b2583d826f96b863951ccacb4ba4e2
access-control-max-age
86400
content-encoding
br
etag
W/"611c02e3b18ad6cf859623cdb716bd1c"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
expires
Thu, 24 Oct 2024 11:53:54 GMT
x-limit-req-status
PASSED
date
Tue, 24 Sep 2024 11:53:54 GMT
x-rgw-object-type
Normal
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 09:10:01 GMT
x-frame-options
sameorigin
access-control-allow-headers
Authorization, Content-Type, sentry-trace
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-request-id
tx00000cf3d7840dc516ada-0066f2a852-163c956-website-object-store
server
nginx
app-29f58900e990a42059ec.js
shop.lavita.com/
816 KB
215 KB
Script
General
Full URL
https://shop.lavita.com/app-29f58900e990a42059ec.js
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/de?region=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
0ad342bade7d208cf88ce69a885e60ec8760dd483c426958bd72de776834de2b
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/de?region=DE

Response headers

x-request-id
a3756a84a7018ed84cad763694bb79b1
access-control-max-age
86400
content-encoding
br
etag
W/"264c36ad2f7e3ec151df25d215ba9372"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
expires
Thu, 24 Oct 2024 11:53:54 GMT
x-limit-req-status
PASSED
date
Tue, 24 Sep 2024 11:53:54 GMT
x-rgw-object-type
Normal
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 09:10:00 GMT
x-frame-options
sameorigin
access-control-allow-headers
Authorization, Content-Type, sentry-trace
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-request-id
tx0000025a508d25538ac9c-0066f2a852-ee251e-website-object-store
server
nginx
event
plausible.io/api/
2 B
518 B
XHR
General
Full URL
https://plausible.io/api/event
Requested by
Host: plausible.io
URL: https://plausible.io/js/plausible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://shop.lavita.com/

Response headers

x-request-id
F_gr_8B1YfO0zUkF2uKY
alt-svc
h3=":9443"; ma=2592000
date
Tue, 24 Sep 2024 11:53:54 GMT
content-type
text/plain; charset=utf-8
cdn-cachedat
09/24/2024 11:53:54
cdn-requestpullcode
202
cache-control
must-revalidate, max-age=0, private
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestid
64fd9fcfcd929d96f66dfee1de7fd1fd
access-control-allow-credentials
true
cdn-pullzone
682664
cdn-proxyver
1.04
application
127.0.0.1
permissions-policy
interest-cohort=()
access-control-allow-origin
*
content-length
2
cdn-edgestorageid
1080
server
BunnyCDN-DE1-1080
cdn-requestcountrycode
DE
app.css
cloud.ccm19.de/
45 KB
8 KB
Stylesheet
General
Full URL
https://cloud.ccm19.de/app.css?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&gen=2&theme=6569adb5685f01fc2d0fde55&v=1726062120
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/de?region=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.59 (Ubuntu) / PHP/8.1.28, PHP/8.1.28
Resource Hash
caa07acd92fa9499d279ce6cbd1dbba7d1515bde3957072fa53826133ccbfaf9
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'none'; connect-src 'none'; form-action 'none'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

access-control-max-age
3600
content-encoding
br
etag
"N55T4uQT3dVBeclgBZlyeneLp4gCzjTX-br"
age
215
access-control-allow-methods
GET,POST,PUT
date
Tue, 24 Sep 2024 11:53:54 GMT
last-modified
Wed, 11 Sep 2024 13:42:00 GMT
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
strict-transport-security
max-age=16000000; includeSubDomains; preload
content-security-policy
default-src 'self' ; script-src 'none'; connect-src 'none'; form-action 'none'
cache-control
immutable, max-age=31536000, public, immutable, max-age=31536000, public
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
7348
x-powered-by
PHP/8.1.28, PHP/8.1.28
server
Apache/2.4.59 (Ubuntu)
module.js
cloud.ccm19.de/plugins/Ccm19ScriptPlaceholder/
8 KB
2 KB
Script
General
Full URL
https://cloud.ccm19.de/plugins/Ccm19ScriptPlaceholder/module.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&gen=2&theme=6569adb5685f01fc2d0fde55&lang=de_DE&v=1726062120
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.59 (Ubuntu) / PHP/8.1.28
Resource Hash
c734c434e2df313f16ef8e72d82a0b283a811bbbf8f98480b8f52ef25d14b464
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload
x-robots-tag
noindex
cache-control
immutable, max-age=31536000, public
content-encoding
gzip
etag
"N55T4nMEgKwHXEEOB8mQ+b+dgmFczS7t-gzip"
age
7040
content-length
2249
date
Tue, 24 Sep 2024 11:53:54 GMT
content-type
application/javascript
x-powered-by
PHP/8.1.28
vary
Accept-Encoding
server
Apache/2.4.59 (Ubuntu)
widget
cloud.ccm19.de/
8 KB
2 KB
XHR
General
Full URL
https://cloud.ccm19.de/widget?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&gen=2&theme=6569adb5685f01fc2d0fde55&lang=de_DE&v=1726062120
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.59 (Ubuntu) / PHP/8.1.28, PHP/8.1.28
Resource Hash
626fe72496124ed536b23b96315c2f70ea07ee1b77fb8809b051abcbe6109f05
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

x-robots-tag
noindex
access-control-max-age
3600
content-encoding
br
etag
"N55T4ksra3JXrpI6Kw9hagJwmC/WFPvf-br"
age
287
access-control-allow-methods
GET,POST,PUT
date
Tue, 24 Sep 2024 11:53:54 GMT
content-type
text/x-html-fragment; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
strict-transport-security
max-age=16000000; includeSubDomains; preload
cache-control
immutable, max-age=2592000, public, immutable, max-age=2592000, public
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
1976
content-language
de-DE
x-powered-by
PHP/8.1.28, PHP/8.1.28
server
Apache/2.4.59 (Ubuntu)
X49E710FC236D0FD6604F8259314C8A7F.js
widgets.trustedshops.com/js/
2 KB
2 KB
Script
General
Full URL
https://widgets.trustedshops.com/js/X49E710FC236D0FD6604F8259314C8A7F.js
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-64.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
682f6f6312a795e5604ee0f2577e7bddb98a1a3d925f93c7b3819f6a78500da7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=3600
content-encoding
gzip
etag
W/"175112de086d228c8281ac5734ea75f2"
age
77
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
J6HW48h44MKRjcwrw2Qi0gTJdNQSQieqapR79QdHQPOS19Eatm8ndQ==
date
Tue, 24 Sep 2024 11:52:38 GMT
content-type
text/javascript
last-modified
Tue, 24 Sep 2024 05:12:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
myriad-pro-semi-bold.woff2
assets.lavita.io/fonts/myriad-pro/
60 KB
61 KB
Font
General
Full URL
https://assets.lavita.io/fonts/myriad-pro/myriad-pro-semi-bold.woff2
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/de?region=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
7313eba4358f5f5a8053cefdf084a9f187f5204e9a61de6a88ad8cbc1091fcf9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://shop.lavita.com
Referer
https://shop.lavita.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
access-control-max-age
86400
content-encoding
br
etag
W/"db2a577b157c6de096e51fbfd101e3f0"
access-control-allow-credentials
true
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-amz-request-id
tx000008a496a8f0ac253b9-0066f2a852-ee251e-website-object-store
access-control-allow-origin
*
date
Tue, 24 Sep 2024 11:53:54 GMT
x-rgw-object-type
Normal
content-type
binary/octet-stream
last-modified
Wed, 07 Aug 2024 13:02:16 GMT
server
nginx
access-control-allow-headers
Authorization, Content-Type, sentry-trace
lavita-icon-font-v2-4-0-7f5d01a8acbb0f2cb615351a311e2d88.woff2
shop.lavita.com/static/
92 KB
93 KB
Font
General
Full URL
https://shop.lavita.com/static/lavita-icon-font-v2-4-0-7f5d01a8acbb0f2cb615351a311e2d88.woff2
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/de?region=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
b033afdc405948960bee03f098e6140a7047579d5456bcfb504a6b4008041e6f
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://shop.lavita.com
Referer
https://shop.lavita.com/de?region=DE

Response headers

x-request-id
ed023b21e201e1c137760bdfb343af27
access-control-max-age
86400
content-encoding
br
etag
W/"00465c2ef550c1f54597befd6f156e81"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
expires
Thu, 24 Oct 2024 11:53:54 GMT
x-limit-req-status
PASSED
date
Tue, 24 Sep 2024 11:53:54 GMT
x-rgw-object-type
Normal
content-type
font/woff2
last-modified
Thu, 19 Sep 2024 09:10:01 GMT
x-frame-options
sameorigin
access-control-allow-headers
Authorization, Content-Type, sentry-trace
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-request-id
tx00000e740d06003611b17-0066f2a852-163c956-website-object-store
access-control-allow-origin
https://shop.lavita.com
server
nginx
myriad-pro-regular.woff2
assets.lavita.io/fonts/myriad-pro/
60 KB
60 KB
Font
General
Full URL
https://assets.lavita.io/fonts/myriad-pro/myriad-pro-regular.woff2
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/de?region=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
6d0ea49f9974b2ca66b780cd788da6de72c7ca9d8429b5a638fa5a7dcc123479
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://shop.lavita.com
Referer
https://shop.lavita.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
access-control-max-age
86400
content-encoding
br
etag
W/"0d00202f8fe95fea3706274a1f5f51c7"
access-control-allow-credentials
true
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-amz-request-id
tx00000bda52077d15b9a67-0066f2a852-163c956-website-object-store
access-control-allow-origin
*
date
Tue, 24 Sep 2024 11:53:54 GMT
x-rgw-object-type
Normal
content-type
font/woff2
last-modified
Wed, 17 Jul 2024 07:41:29 GMT
server
nginx
access-control-allow-headers
Authorization, Content-Type, sentry-trace
consent
cloud.ccm19.de/statistics/
0
0
Preflight
General
Full URL
https://cloud.ccm19.de/statistics/consent?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&gen=2&theme=6569adb5685f01fc2d0fde55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.59 (Ubuntu) / PHP/8.1.28
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://shop.lavita.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
access-control-allow-methods
GET,POST,PUT
access-control-allow-origin
*
access-control-max-age
3600
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
date
Tue, 24 Sep 2024 11:53:54 GMT
permissions-policy
interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
server
Apache/2.4.59 (Ubuntu)
strict-transport-security
max-age=16000000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
sameorigin
x-powered-by
PHP/8.1.28
details
cloud.ccm19.de/widget/
0
9 KB
Other
General
Full URL
https://cloud.ccm19.de/widget/details?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&gen=2&theme=6569adb5685f01fc2d0fde55&lang=de_DE&v=1726062120
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.59 (Ubuntu) / PHP/8.1.28, PHP/8.1.28
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://shop.lavita.com
Referer
https://shop.lavita.com/

Response headers

x-robots-tag
noindex
access-control-max-age
3600
content-encoding
br
etag
"N55T4lJ3YVioYWRf4xIG6Dys/oiLmuGI-br"
age
22
access-control-allow-methods
GET,POST,PUT
date
Tue, 24 Sep 2024 11:53:54 GMT
content-type
text/x-html-fragment; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
strict-transport-security
max-age=16000000; includeSubDomains; preload
cache-control
immutable, max-age=31536000, public, immutable, max-age=31536000, public
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
9126
content-language
de-DE
x-powered-by
PHP/8.1.28, PHP/8.1.28
server
Apache/2.4.59 (Ubuntu)
consent
cloud.ccm19.de/statistics/
16 B
793 B
XHR
General
Full URL
https://cloud.ccm19.de/statistics/consent?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&gen=2&theme=6569adb5685f01fc2d0fde55
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.5.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.5.251.148.clients.your-server.de
Software
Apache/2.4.59 (Ubuntu) / PHP/8.1.28
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://shop.lavita.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
access-control-allow-methods
GET,POST,PUT
x-content-type-options
nosniff
date
Tue, 24 Sep 2024 11:53:54 GMT
content-type
application/json
vary
Accept-Encoding
x-frame-options
sameorigin
access-control-allow-headers
Content-Type,X-Requested-With,X-CCM19State
strict-transport-security
max-age=16000000; includeSubDomains; preload
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'self'; form-action 'self'
cache-control
no-cache, private
access-control-allow-credentials
true
permissions-policy
interest-cohort=(), geolocation=(), encrypted-media=(), camera=(), microphone=()
access-control-allow-origin
*
content-length
36
x-powered-by
PHP/8.1.28
server
Apache/2.4.59 (Ubuntu)
truncated
/
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3712c17c27414c5a3981a0c1946d831001f5ad4e45b62577c08928c37f6ec8d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
consumer
api.lavita.com/v1.0/auth/
0
0
Preflight
General
Full URL
https://api.lavita.com/v1.0/auth/consumer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://shop.lavita.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept
application/json
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, sentry-trace
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://shop.lavita.com
access-control-max-age
86400
content-length
0
date
Tue, 24 Sep 2024 11:53:55 GMT
server
nginx
af5348cb-220d-46cf-882a-2c57fb1ff97f
https://shop.lavita.com/
0
0

start
openreplay.lavita.io/ingest/v1/web/
0
0
Preflight
General
Full URL
https://openreplay.lavita.io/ingest/v1/web/start
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://shop.lavita.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
date
Tue, 24 Sep 2024 11:53:55 GMT
server
nginx
strict-transport-security
max-age=15724800; includeSubDomains max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
sameorigin
x-request-id
d9639caa948ff97d6533e0fc68a757d3
consumer
api.lavita.com/v1.0/auth/
786 B
1 KB
Fetch
General
Full URL
https://api.lavita.com/v1.0/auth/consumer
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
2fe5f3d513658c6100e4fb4b00ba304df0443b5425094cc5bf3278840a058892
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://shop.lavita.com/
accept-language
de
accept
application/json
content-type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

x-last-event-id
None
x-request-id
9c78a2dc320b2052d37389080eb20a31
content-encoding
br
access-control-allow-methods
POST
x-content-type-options
nosniff
x-limit-req-status
PASSED
date
Tue, 24 Sep 2024 11:53:55 GMT
accept
application/json
content-type
application/json
x-frame-options
sameorigin
access-control-allow-headers
Authorization, Content-Type
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
x-flow-id
e40dd85e4c6b49cb931176d82180e441-930bb04dfa7dc48c-0
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://shop.lavita.com
server
nginx
/
sentry.lavita.io/api/2/envelope/
2 B
296 B
Fetch
General
Full URL
https://sentry.lavita.io/api/2/envelope/?sentry_key=bec1ecd4340141b69e3949a6f427cd21&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.106.0
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.132.242.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.83.242.132.142.clients.your-server.de
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://shop.lavita.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
2
date
Tue, 24 Sep 2024 11:53:55 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
start
openreplay.lavita.io/ingest/v1/web/
260 B
910 B
Fetch
General
Full URL
https://openreplay.lavita.io/ingest/v1/web/start
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
3d8afd7bb223ffffe75f7ed59e7250b7b5901c7a65f3ab09994b2cf084c2410f
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://shop.lavita.com/

Response headers

x-frame-options
sameorigin
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
access-control-max-age
1728000
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
x-request-id
60759b9215c42df418df3cb396034f18
content-encoding
br
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
x-content-type-options
nosniff
access-control-allow-origin
*
date
Tue, 24 Sep 2024 11:53:55 GMT
content-type
application/json
server
nginx
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
app-data.json
shop.lavita.com/page-data/
50 B
907 B
XHR
General
Full URL
https://shop.lavita.com/page-data/app-data.json
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
1edef0577d198630254ce6aade413469b8ba6728b5c1122b712f34f8fe55d782
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sentry-trace
1bb524d5ec5e4a80abe8b0677b26a3eb-8dc453e036e9a03e-0
Referer
https://shop.lavita.com/de?region=DE
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
baggage
sentry-environment=production,sentry-release=11041dda1eb734ee35e672a38dfd7eb072d0c681,sentry-public_key=bec1ecd4340141b69e3949a6f427cd21,sentry-trace_id=1bb524d5ec5e4a80abe8b0677b26a3eb,sentry-sample_rate=0.1,sentry-sampled=false

Response headers

x-request-id
af9e556edfebed9a1502404f2fa0bfa6
access-control-max-age
86400
content-encoding
br
etag
W/"f3907b6afbd568809ef5f2833497243c"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
expires
Tue, 24 Sep 2024 11:53:54 GMT
x-limit-req-status
PASSED
date
Tue, 24 Sep 2024 11:53:55 GMT
x-rgw-object-type
Normal
content-type
application/json
last-modified
Thu, 19 Sep 2024 09:10:01 GMT
x-frame-options
sameorigin
access-control-allow-headers
Authorization, Content-Type, sentry-trace
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
no-cache
access-control-allow-credentials
true
x-amz-request-id
tx00000ce5da087903921d5-0066f2a853-ee251e-website-object-store
server
nginx
page-data.json
shop.lavita.com/page-data/de/
29 KB
6 KB
XHR
General
Full URL
https://shop.lavita.com/page-data/de/page-data.json?v=1726736878822?region=DE
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
ab859b7b13914a957524b1d9d1007b3baa5280fd5fda598ed82aff1cda059d09
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sentry-trace
1bb524d5ec5e4a80abe8b0677b26a3eb-81abf05861494e7d-0
Referer
https://shop.lavita.com/de?region=DE
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
baggage
sentry-environment=production,sentry-release=11041dda1eb734ee35e672a38dfd7eb072d0c681,sentry-public_key=bec1ecd4340141b69e3949a6f427cd21,sentry-trace_id=1bb524d5ec5e4a80abe8b0677b26a3eb,sentry-sample_rate=0.1,sentry-sampled=false

Response headers

x-request-id
285c17dd83b337aa4cd0505f11b5fed1
access-control-max-age
86400
content-encoding
br
etag
W/"b7b924bf79d926d8ed5231e72da533cc"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
expires
Tue, 24 Sep 2024 11:53:54 GMT
x-limit-req-status
PASSED
date
Tue, 24 Sep 2024 11:53:55 GMT
x-rgw-object-type
Normal
content-type
application/json
last-modified
Thu, 19 Sep 2024 09:10:01 GMT
x-frame-options
sameorigin
access-control-allow-headers
Authorization, Content-Type, sentry-trace
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
no-cache
access-control-allow-credentials
true
x-amz-request-id
tx00000d3b9bc77bf254c5a-0066f2a853-163c956-website-object-store
server
nginx
trustbadge.js
widgets.trustedshops.com/assets/
196 KB
44 KB
Script
General
Full URL
https://widgets.trustedshops.com/assets/trustbadge.js
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-64.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
abcf92b49a7067075d598cdbc25aeff401c9043ba84531dd502e400dd3bc187b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"f5bf2e5f9344d2996b4839ed44affad8"
age
2839
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
dOUesGt-8sWTT4LWpA1MrK00_Efl__Z8glA2SufeaHdE5fJKXe1A2Q==
date
Tue, 24 Sep 2024 11:06:37 GMT
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 06:24:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
favicon-32x32.png
shop.lavita.com/
2 KB
3 KB
Other
General
Full URL
https://shop.lavita.com/favicon-32x32.png?v=5b1c4d3fa334af86a530ce3c3d4f633a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
6c7b520a67ccb3053070daab1655febef2b2fd57264472aa05cd765dfd343be8
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/de?region=DE

Response headers

x-request-id
76325374290d958fcfe985b6a0af5740
access-control-max-age
86400
content-encoding
br
etag
W/"fd537a12672c29b0ddc9ef6a71b3664f"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
expires
Thu, 24 Oct 2024 11:53:55 GMT
x-limit-req-status
PASSED
date
Tue, 24 Sep 2024 11:53:55 GMT
x-rgw-object-type
Normal
content-type
image/png
last-modified
Thu, 19 Sep 2024 09:10:00 GMT
x-frame-options
sameorigin
access-control-allow-headers
Authorization, Content-Type, sentry-trace
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-request-id
tx000005ebc4e06be5d8acb-0066f2a853-163c956-website-object-store
server
nginx
commons-94c52566edb5fae3f1c9.js
shop.lavita.com/
208 KB
55 KB
Script
General
Full URL
https://shop.lavita.com/commons-94c52566edb5fae3f1c9.js
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
81a75716b4695d7dd50d4d65fe73c055eef524ca9f8323cf41e536d23c51a216
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/de?region=DE

Response headers

x-request-id
1e635cfdcc384535017d5fbe305a85b6
access-control-max-age
86400
content-encoding
br
etag
W/"e8c7c0deb4e0899e4b090a568e90e1fa"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
expires
Thu, 24 Oct 2024 11:53:55 GMT
x-limit-req-status
PASSED
date
Tue, 24 Sep 2024 11:53:55 GMT
x-rgw-object-type
Normal
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 09:10:00 GMT
x-frame-options
sameorigin
access-control-allow-headers
Authorization, Content-Type, sentry-trace
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-request-id
tx00000184e146a7b04c0dd-0066f2a853-ee251e-website-object-store
server
nginx
73191b528845e4b2f5c8b3de459b12607a30ca6b-50d3b9d05814c5b19f56.js
shop.lavita.com/
59 KB
20 KB
Script
General
Full URL
https://shop.lavita.com/73191b528845e4b2f5c8b3de459b12607a30ca6b-50d3b9d05814c5b19f56.js
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
8feb758b678a8608bfdfec47421568035d1d2fe5eac307a910e87e0002501e8b
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/de?region=DE

Response headers

x-request-id
346765d46c32da03dcc30d9dc9feae67
access-control-max-age
86400
content-encoding
br
etag
W/"ecf35c543babe7ca4820a8217a7eabd1"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
expires
Thu, 24 Oct 2024 11:53:55 GMT
x-limit-req-status
PASSED
date
Tue, 24 Sep 2024 11:53:55 GMT
x-rgw-object-type
Normal
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 09:09:59 GMT
x-frame-options
sameorigin
access-control-allow-headers
Authorization, Content-Type, sentry-trace
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-request-id
tx00000af6d6ba133b740ab-0066f2a853-ee251e-website-object-store
server
nginx
ae1f69bc5a751cc7d69b0a10b8c217253a1453f9-4d2fd53ff0a348ff9318.js
shop.lavita.com/
56 KB
9 KB
Script
General
Full URL
https://shop.lavita.com/ae1f69bc5a751cc7d69b0a10b8c217253a1453f9-4d2fd53ff0a348ff9318.js
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
8fbaf5beb85292c0db6d0ccdf93ad4c002a3deff69a6aacb31093629c1ec187a
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/de?region=DE

Response headers

x-request-id
3bd9014ee953f323ce46312b5f841f3e
access-control-max-age
86400
content-encoding
br
etag
W/"b72b2623e2a71586b87b9433e8dc1d57"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
expires
Thu, 24 Oct 2024 11:53:55 GMT
x-limit-req-status
PASSED
date
Tue, 24 Sep 2024 11:53:55 GMT
x-rgw-object-type
Normal
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 09:09:59 GMT
x-frame-options
sameorigin
access-control-allow-headers
Authorization, Content-Type, sentry-trace
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-request-id
tx000001a4709ba72839c03-0066f2a853-163c956-website-object-store
server
nginx
component---src-pages-index-js-8e46c9ab2efbead7517b.js
shop.lavita.com/
23 KB
7 KB
Script
General
Full URL
https://shop.lavita.com/component---src-pages-index-js-8e46c9ab2efbead7517b.js
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
7ad0cd23f5482708fc4dcdfb44a6a2cafee9dca5ba3dc021e4891d33081e69c9
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/de?region=DE

Response headers

x-request-id
4dccb77a280ffc2d46188210a655f114
access-control-max-age
86400
content-encoding
br
etag
W/"535d02fb2116ae55ff998ffde53832fa"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
expires
Thu, 24 Oct 2024 11:53:55 GMT
x-limit-req-status
PASSED
date
Tue, 24 Sep 2024 11:53:55 GMT
x-rgw-object-type
Normal
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 09:10:00 GMT
x-frame-options
sameorigin
access-control-allow-headers
Authorization, Content-Type, sentry-trace
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-request-id
tx00000a4f1682236143634-0066f2a853-163c956-website-object-store
server
nginx
173884525.json
shop.lavita.com/page-data/sq/d/
546 B
1 KB
XHR
General
Full URL
https://shop.lavita.com/page-data/sq/d/173884525.json
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
c24ea95afe8c93f9b071c1ed110878823c48c47c48e24229c2f575d26e9f56c7
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sentry-trace
1bb524d5ec5e4a80abe8b0677b26a3eb-a35e98eda5b8beca-0
Referer
https://shop.lavita.com/de?region=DE
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
baggage
sentry-environment=production,sentry-release=11041dda1eb734ee35e672a38dfd7eb072d0c681,sentry-public_key=bec1ecd4340141b69e3949a6f427cd21,sentry-trace_id=1bb524d5ec5e4a80abe8b0677b26a3eb,sentry-sample_rate=0.1,sentry-sampled=false

Response headers

x-request-id
86ede844b3c7088dade224b49ba2f12d
access-control-max-age
86400
content-encoding
br
etag
W/"6c94d227a3d4582e172fa06a13bb5169"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
expires
Tue, 24 Sep 2024 11:53:54 GMT
x-limit-req-status
PASSED
date
Tue, 24 Sep 2024 11:53:55 GMT
x-rgw-object-type
Normal
content-type
application/json
last-modified
Thu, 19 Sep 2024 09:10:01 GMT
x-frame-options
sameorigin
access-control-allow-headers
Authorization, Content-Type, sentry-trace
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
no-cache
access-control-allow-credentials
true
x-amz-request-id
tx000007a27a01596610c41-0066f2a853-ee251e-website-object-store
server
nginx
de-DE.b3e6c60bef6a5b8cacee.chunk.js
widgets.trustedshops.com/assets/
11 KB
4 KB
Script
General
Full URL
https://widgets.trustedshops.com/assets/de-DE.b3e6c60bef6a5b8cacee.chunk.js
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-64.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
032ae942e3849e0bebc135afe34df515786f8b9ad4dd5d1fbca513db88051604

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"b0728b4a6cfeb0dd2aeb65947dd2fcf8"
age
22632
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
VVUkRpV3hyHjiprygV0reqNSu8rDIo6GMzrPYiIU268Ru1xOcJhUIg==
date
Tue, 24 Sep 2024 05:36:44 GMT
content-type
text/javascript
last-modified
Thu, 19 Sep 2024 06:24:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
sprite.fa10bbbffbb158ef65643d1dccd20ba7bd355392.svg
widgets.trustedshops.com/assets/images/
48 KB
12 KB
Image
General
Full URL
https://widgets.trustedshops.com/assets/images/sprite.fa10bbbffbb158ef65643d1dccd20ba7bd355392.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-64.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6af29312056c28d3566230a5a50cb63bafa7d6cdc3b65508439db0d985c10bfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"b4672d465962967c88bab0a32f3f9d66"
age
30519
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
r-zXm3slhMurN3kyVi_Sb663nl_gcWKMxMVtJUqzbSRc4UgECNmxXQ==
date
Tue, 24 Sep 2024 03:25:17 GMT
content-type
image/svg+xml
last-modified
Thu, 19 Sep 2024 06:24:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
X49E710FC236D0FD6604F8259314C8A7F.js
widgets.trustedshops.com/js/
2 KB
0
Script
General
Full URL
https://widgets.trustedshops.com/js/X49E710FC236D0FD6604F8259314C8A7F.js
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-64.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
682f6f6312a795e5604ee0f2577e7bddb98a1a3d925f93c7b3819f6a78500da7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=3600
content-encoding
gzip
etag
W/"175112de086d228c8281ac5734ea75f2"
age
77
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
J6HW48h44MKRjcwrw2Qi0gTJdNQSQieqapR79QdHQPOS19Eatm8ndQ==
date
Tue, 24 Sep 2024 11:52:38 GMT
content-type
text/javascript
last-modified
Tue, 24 Sep 2024 05:12:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
/
sentry.lavita.io/api/2/envelope/
2 B
295 B
Fetch
General
Full URL
https://sentry.lavita.io/api/2/envelope/?sentry_key=bec1ecd4340141b69e3949a6f427cd21&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.106.0
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.132.242.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.83.242.132.142.clients.your-server.de
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://shop.lavita.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
2
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
/
sentry.lavita.io/api/2/envelope/
41 B
335 B
Fetch
General
Full URL
https://sentry.lavita.io/api/2/envelope/?sentry_key=bec1ecd4340141b69e3949a6f427cd21&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.106.0
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.132.242.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.83.242.132.142.clients.your-server.de
Software
/
Resource Hash
82352635dbd0803324d0892156b610131b7eff443982e1af8a0bf08a86649cd3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://shop.lavita.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
41
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
/
sentry.lavita.io/api/2/envelope/
41 B
335 B
Fetch
General
Full URL
https://sentry.lavita.io/api/2/envelope/?sentry_key=bec1ecd4340141b69e3949a6f427cd21&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.106.0
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.132.242.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.83.242.132.142.clients.your-server.de
Software
/
Resource Hash
c6a51a1df9b14fb8ea12c773a73ce996a4acfd78da44867f3ce71856f44b2c9a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://shop.lavita.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
41
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
/
sentry.lavita.io/api/2/envelope/
41 B
335 B
Fetch
General
Full URL
https://sentry.lavita.io/api/2/envelope/?sentry_key=bec1ecd4340141b69e3949a6f427cd21&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.106.0
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.132.242.83 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.83.242.132.142.clients.your-server.de
Software
/
Resource Hash
08d62b2a22f999da8b24e9f0062d5e0b382d8cb5114f3244ab9c5fa7fee387a7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://shop.lavita.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
41
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
LaVita_Logo_2020.png
assets.lavita.io/cdn-cgi/image/fit=scale-down,w=135,q=75,f=auto/logo/
4 KB
0
Image
General
Full URL
https://assets.lavita.io/cdn-cgi/image/fit=scale-down,w=135,q=75,f=auto/logo/LaVita_Logo_2020.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
59ace29fd007f81ce9df7893542e3f29fd1dbce1ed56efce66643b3a4d411cb9
Security Headers
Name Value
Content-Security-Policy script-src 'none', default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

x-cache-status
HIT
x-frame-options
sameorigin
x-request-id
2977721ffe4e1940a22a7c6d7c8790fe, 4cfb0dde383c700d5aed598700f3622c
content-security-policy
script-src 'none', default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
content-encoding
br
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 11:53:54 GMT
date
Tue, 24 Sep 2024 11:53:54 GMT
content-type
image/webp
content-disposition
inline; filename="LaVita_Logo_2020.webp"
server
nginx
vary
Accept
headerbild_shop_1534x800px.png
assets.lavita.io/cdn-cgi/image/fit=scale-down,w=1534,q=75,f=auto/shop.lavita.de/
57 KB
0
Image
General
Full URL
https://assets.lavita.io/cdn-cgi/image/fit=scale-down,w=1534,q=75,f=auto/shop.lavita.de/headerbild_shop_1534x800px.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
a37a2586e7c8b3f4a4ea8d528cb99fa061b2f61e7d36cdc42f756d9cb6a6ac89
Security Headers
Name Value
Content-Security-Policy script-src 'none', default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

x-cache-status
HIT
x-frame-options
sameorigin
x-request-id
d4fe2fa0b087c3ebbde2d3da7735f7a6, 7567d28c777c14e37545bcd4c23b3060
content-security-policy
script-src 'none', default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
content-encoding
br
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 11:53:54 GMT
date
Tue, 24 Sep 2024 11:53:54 GMT
content-type
image/webp
content-disposition
inline; filename="headerbild_shop_1534x800px.webp"
server
nginx
vary
Accept
bundle
tdata.lavita.com/webxp/projects/bc1a3886-886f-11e9-bfbe-0e8d37d7df60/
777 B
328 B
Fetch
General
Full URL
https://tdata.lavita.com/webxp/projects/bc1a3886-886f-11e9-bfbe-0e8d37d7df60/bundle
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.75.96.34.bc.googleusercontent.com
Software
/
Resource Hash
5a025c5bf15c8dbb6b25f9ea96c66e66059b441a2f41d41a5d8fbd1e22ff042f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Referer
https://shop.lavita.com/

Response headers

cache-control
no-cache, max-age=0
content-encoding
br
etag
"5a025c5bf15c8dbb6b25f9ea96c66e66059b441a2f41d41a5d8fbd1e22ff042f"
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
https://shop.lavita.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
309
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
application/json
exponea.min.js
tdata.lavita.com/js/
186 KB
0
Script
General
Full URL
https://tdata.lavita.com/js/exponea.min.js
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.75.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.75.96.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3a5f599a6355e5708ad7d040b8ab4f451310b98fe68074b11ba0b4d66f1dc9a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

cache-control
max-age=3600
content-encoding
gzip
etag
"66e2b7cf-df4a"
via
1.1 google
expires
Tue, 24 Sep 2024 12:53:54 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57162
date
Tue, 24 Sep 2024 11:53:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 12 Sep 2024 09:43:43 GMT
server
nginx
i
openreplay.lavita.io/ingest/v1/web/
0
0
Preflight
General
Full URL
https://openreplay.lavita.io/ingest/v1/web/i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://shop.lavita.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
date
Tue, 24 Sep 2024 11:53:56 GMT
server
nginx
strict-transport-security
max-age=15724800; includeSubDomains max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
sameorigin
x-request-id
a5eddebe6b07532ee6690dfd989285e0
product
api.lavita.com/v1.0/
0
0
Preflight
General
Full URL
https://api.lavita.com/v1.0/product?country=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://shop.lavita.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept
application/json
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, sentry-trace
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://shop.lavita.com
access-control-max-age
86400
content-length
0
date
Tue, 24 Sep 2024 11:53:56 GMT
server
nginx
product
api.lavita.com/v1.0/
32 KB
6 KB
Fetch
General
Full URL
https://api.lavita.com/v1.0/product?country=DE
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
312bfbb2dc9d52963427328d43d550e19c9d3a50707073c8281c99a09494fc16
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Authorization
Bearer eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiI5YzhkYWUyYS01ZmUxLTExZTctYjJjYi0wMDE2M2UwNGMxNjYiLCJleHAiOjE3MjcyMjcyMDcuOTIxNDIyLCJpYXQiOjE3MjcxNDA4MDcuOTIxNDIyLCJhdWQiOiJjb25zdW1lciIsInNpZCI6IjQyNWM3OTA4OGIwN2ZiYmQyODRhNTM0NzY5YjRiZmE4MzFhZmU4ZjU1MTM1MjIwOTNjNTgxZjk0OTlhOWIzNmUiLCJ1aWQiOiJmZjg0MGI0YzMxMDVlZTUzOGM2NmE2NzE0NTdmNjgyOSJ9.AENrxjfs7HIdnp3UwnSNNltTYjC629uNCXy3AilQiJPYefAppn6KMG4Si75MaThX5FMW9sPsOF8E_5mLbj63wPolAQR1r9NEcaK3TZHWXKRuDKH06haJBVhu9ozATHY-IpfRpaRDAXjzpRvLjOIMqKJ7qbbjWVeD-AHZwH0dCJqiZHAP
Referer
https://shop.lavita.com/
accept-language
de
accept
application/json
content-type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

x-last-event-id
None
x-request-id
f021148a022bd7c83e1a9d4244857c87
content-encoding
br
access-control-allow-methods
GET
x-content-type-options
nosniff
x-limit-req-status
PASSED
date
Tue, 24 Sep 2024 11:53:57 GMT
accept
application/json
content-type
application/json
x-frame-options
sameorigin
access-control-allow-headers
Authorization, Content-Type
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
x-flow-id
90a80665a2644f6b84edc101b16eaf9b-ae14941cb3e09a09-1
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://shop.lavita.com
server
nginx
headerbild_shop_3840x800px.png
assets.lavita.io/cdn-cgi/image/fit=scale-down,w=1920,q=75,f=auto/shop.lavita.de/
44 KB
45 KB
Image
General
Full URL
https://assets.lavita.io/cdn-cgi/image/fit=scale-down,w=1920,q=75,f=auto/shop.lavita.de/headerbild_shop_3840x800px.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
97100138db074e850cda768bac6831218ba55c57f0eb8b34faa692a65f274c52
Security Headers
Name Value
Content-Security-Policy script-src 'none', default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
x-frame-options
sameorigin
x-request-id
8fd275670bea08bf3d794f9a645ecc05, b8ec435a4661f7774f14ad6b8e1ae076
content-security-policy
script-src 'none', default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
content-encoding
br
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 11:53:56 GMT
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
image/webp
content-disposition
inline; filename="headerbild_shop_3840x800px.webp"
server
nginx
vary
Accept
01_single-bottle-500-DE.png
assets.lavita.io/cdn-cgi/image/fit=scale-down,w=412,q=75,f=auto/products/LV500/
9 KB
9 KB
Image
General
Full URL
https://assets.lavita.io/cdn-cgi/image/fit=scale-down,w=412,q=75,f=auto/products/LV500/01_single-bottle-500-DE.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
b2ccdfa6efa59620ab80ed8ecd0b2d3d0f475afc53d17ee5b2e1920bbb3cffec
Security Headers
Name Value
Content-Security-Policy script-src 'none', default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
x-frame-options
sameorigin
x-request-id
f53b08d29dfb54d03b946f6fe3611163, e7f0ad67d470e4f316decfc730309b58
content-security-policy
script-src 'none', default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
content-encoding
br
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 11:53:56 GMT
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
image/webp
content-disposition
inline; filename="01_single-bottle-500-DE.webp"
server
nginx
vary
Accept
02_starter-package-DE.png
assets.lavita.io/cdn-cgi/image/fit=scale-down,w=412,q=75,f=auto/products/LV2START/
15 KB
16 KB
Image
General
Full URL
https://assets.lavita.io/cdn-cgi/image/fit=scale-down,w=412,q=75,f=auto/products/LV2START/02_starter-package-DE.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
b2c53da92d019c2aa613da55f7f657a323dd3cf393b3d313ca01c4fb4383fc93
Security Headers
Name Value
Content-Security-Policy script-src 'none', default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
x-frame-options
sameorigin
x-request-id
df8e1e9231d0adc09f644d096cbdd822, 01c48693702395a77a4e903c6ad8c0f6
content-security-policy
script-src 'none', default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
content-encoding
br
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 11:53:56 GMT
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
image/webp
content-disposition
inline; filename="02_starter-package-DE.webp"
server
nginx
vary
Accept
03_subscription-DE.png
assets.lavita.io/cdn-cgi/image/fit=scale-down,w=412,q=75,f=auto/products/SLP500/
10 KB
10 KB
Image
General
Full URL
https://assets.lavita.io/cdn-cgi/image/fit=scale-down,w=412,q=75,f=auto/products/SLP500/03_subscription-DE.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
aa96b1860ee4cc5a853685d51b170ebd88eaa17618a97a3fd6316286dc727b94
Security Headers
Name Value
Content-Security-Policy script-src 'none', default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
x-frame-options
sameorigin
x-request-id
c3a55cf3338a27270f581b39ca6b2667, 795453ef57046472133c2a280f872fe4
content-security-policy
script-src 'none', default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
max-age=2592000
content-encoding
br
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 11:53:56 GMT
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
image/webp
content-disposition
inline; filename="03_subscription-DE.webp"
server
nginx
vary
Accept
bulk
tdata.lavita.com/
211 B
449 B
Fetch
General
Full URL
https://tdata.lavita.com/bulk
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.75.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.75.96.34.bc.googleusercontent.com
Software
/
Resource Hash
49c5d6678b5b1653236b5bd13074ace0547b47606e45772b15f04369e72a7912

Request headers

Referer
https://shop.lavita.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
text/plain;charset=UTF-8

Response headers

x-request-id
095be119-5d8b-467c-be17-b329b90a344f
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://shop.lavita.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
application/json
bundle
tdata.lavita.com/webxp/projects/bc1a3886-886f-11e9-bfbe-0e8d37d7df60/
777 B
12 B
Fetch
General
Full URL
https://tdata.lavita.com/webxp/projects/bc1a3886-886f-11e9-bfbe-0e8d37d7df60/bundle
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.75.96.34.bc.googleusercontent.com
Software
/
Resource Hash
5a025c5bf15c8dbb6b25f9ea96c66e66059b441a2f41d41a5d8fbd1e22ff042f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Referer
https://shop.lavita.com/

Response headers

cache-control
no-cache, max-age=0
content-encoding
br
etag
"5a025c5bf15c8dbb6b25f9ea96c66e66059b441a2f41d41a5d8fbd1e22ff042f"
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
https://shop.lavita.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
309
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
application/json
bulk
tdata.lavita.com/
301 B
317 B
Fetch
General
Full URL
https://tdata.lavita.com/bulk
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.75.96.34.bc.googleusercontent.com
Software
/
Resource Hash
42d6ba0b2e4aa8dd8ec8a1c73e60fb13bdf9fa420a4bc5a768f74427966b415f

Request headers

Referer
https://shop.lavita.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
text/plain;charset=UTF-8

Response headers

x-request-id
34296190-74c5-4d8f-a7bd-c6bf8bb0cf33
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://shop.lavita.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
application/json
show
tdata.lavita.com/managed-tags/
38 B
83 B
Fetch
General
Full URL
https://tdata.lavita.com/managed-tags/show
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.75.96.34.bc.googleusercontent.com
Software
/
Resource Hash
5c858b1c80e2a37e46abc26525a908fe14db93ebdce1dbdbdd2828cd180bbeec

Request headers

Referer
https://shop.lavita.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
text/plain;charset=UTF-8

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://shop.lavita.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
application/json
vary
Accept-Encoding
link-ids
tdata.lavita.com/webxp/projects/bc1a3886-886f-11e9-bfbe-0e8d37d7df60/cookies/c59c26d6-49b4-45d7-a4c9-1c919ee76c66/
0
11 B
Fetch
General
Full URL
https://tdata.lavita.com/webxp/projects/bc1a3886-886f-11e9-bfbe-0e8d37d7df60/cookies/c59c26d6-49b4-45d7-a4c9-1c919ee76c66/link-ids
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.75.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shop.lavita.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
text/plain;charset=UTF-8

Response headers

via
1.1 google
access-control-allow-origin
https://shop.lavita.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 24 Sep 2024 11:53:56 GMT
access-control-allow-credentials
true
bulk
tdata.lavita.com/
211 B
228 B
Fetch
General
Full URL
https://tdata.lavita.com/bulk
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.75.96.34.bc.googleusercontent.com
Software
/
Resource Hash
5705f46b04feb3554df6ad65fa44ab35041db388055fe9f420fe87ba753c8077

Request headers

Referer
https://shop.lavita.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
text/plain;charset=UTF-8

Response headers

x-request-id
33bffd9c-ae9d-42f6-a4c3-0e2d4313418b
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://shop.lavita.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
application/json
bulk
tdata.lavita.com/
315 B
331 B
Fetch
General
Full URL
https://tdata.lavita.com/bulk
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.75.96.34.bc.googleusercontent.com
Software
/
Resource Hash
d522e53a6d4eee501e4ecdeb9a4df588097460c319efc178868d478372a10954

Request headers

Referer
https://shop.lavita.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
text/plain;charset=UTF-8

Response headers

x-request-id
14c6e1ab-cda6-4061-8685-b52b8939528a
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://shop.lavita.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
315
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
application/json
show
tdata.lavita.com/managed-tags/
38 B
83 B
Fetch
General
Full URL
https://tdata.lavita.com/managed-tags/show
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.75.96.34.bc.googleusercontent.com
Software
/
Resource Hash
5c858b1c80e2a37e46abc26525a908fe14db93ebdce1dbdbdd2828cd180bbeec

Request headers

Referer
https://shop.lavita.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
text/plain;charset=UTF-8

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://shop.lavita.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
application/json
vary
Accept-Encoding
link-ids
tdata.lavita.com/webxp/projects/bc1a3886-886f-11e9-bfbe-0e8d37d7df60/cookies/c59c26d6-49b4-45d7-a4c9-1c919ee76c66/
0
11 B
Fetch
General
Full URL
https://tdata.lavita.com/webxp/projects/bc1a3886-886f-11e9-bfbe-0e8d37d7df60/cookies/c59c26d6-49b4-45d7-a4c9-1c919ee76c66/link-ids
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.75.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shop.lavita.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
text/plain;charset=UTF-8

Response headers

via
1.1 google
access-control-allow-origin
https://shop.lavita.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 24 Sep 2024 11:53:56 GMT
access-control-allow-credentials
true
modifications.min.js
tdata.lavita.com/webxp/script/bc1a3886-886f-11e9-bfbe-0e8d37d7df60/c59c26d6-49b4-45d7-a4c9-1c919ee76c66/
34 KB
13 KB
Script
General
Full URL
https://tdata.lavita.com/webxp/script/bc1a3886-886f-11e9-bfbe-0e8d37d7df60/c59c26d6-49b4-45d7-a4c9-1c919ee76c66/modifications.min.js?http-referer=https%3A%2F%2Fshop.lavita.com%2Fde%3Fregion%3DDE&cookie-expires=1821786836
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.75.96.34.bc.googleusercontent.com
Software
/
Resource Hash
56f84a30894b9a49bfa0153f64d579d6406c5f5270c051ad9f2f321f173c5b04

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

cache-control
no-cache, max-age=0
content-encoding
gzip
etag
"56f84a30894b9a49bfa0153f64d579d6406c5f5270c051ad9f2f321f173c5b04"
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
application/javascript
vary
Accept-Encoding
bundle
tdata.lavita.com/webxp/projects/bc1a3886-886f-11e9-bfbe-0e8d37d7df60/
777 B
12 B
Fetch
General
Full URL
https://tdata.lavita.com/webxp/projects/bc1a3886-886f-11e9-bfbe-0e8d37d7df60/bundle
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.75.96.34.bc.googleusercontent.com
Software
/
Resource Hash
5a025c5bf15c8dbb6b25f9ea96c66e66059b441a2f41d41a5d8fbd1e22ff042f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

cache-control
no-cache, max-age=0
content-encoding
br
etag
"5a025c5bf15c8dbb6b25f9ea96c66e66059b441a2f41d41a5d8fbd1e22ff042f"
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
https://shop.lavita.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
309
date
Tue, 24 Sep 2024 11:53:56 GMT
content-type
application/json
modifications.min.js
tdata.lavita.com/webxp/script/bc1a3886-886f-11e9-bfbe-0e8d37d7df60/c59c26d6-49b4-45d7-a4c9-1c919ee76c66/
34 KB
11 B
Script
General
Full URL
https://tdata.lavita.com/webxp/script/bc1a3886-886f-11e9-bfbe-0e8d37d7df60/c59c26d6-49b4-45d7-a4c9-1c919ee76c66/modifications.min.js?http-referer=https%3A%2F%2Fshop.lavita.com%2Fde%3Fregion%3DDE&cookie-expires=1821786836
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.75.96.34.bc.googleusercontent.com
Software
/
Resource Hash
56f84a30894b9a49bfa0153f64d579d6406c5f5270c051ad9f2f321f173c5b04

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
If-None-Match
"56f84a30894b9a49bfa0153f64d579d6406c5f5270c051ad9f2f321f173c5b04"
Referer
https://shop.lavita.com/

Response headers

via
1.1 google
cache-control
no-cache, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
etag
"56f84a30894b9a49bfa0153f64d579d6406c5f5270c051ad9f2f321f173c5b04"
date
Tue, 24 Sep 2024 11:53:56 GMT
bundle
tdata.lavita.com/webxp/projects/bc1a3886-886f-11e9-bfbe-0e8d37d7df60/
777 B
12 B
Fetch
General
Full URL
https://tdata.lavita.com/webxp/projects/bc1a3886-886f-11e9-bfbe-0e8d37d7df60/bundle
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.75.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.75.96.34.bc.googleusercontent.com
Software
/
Resource Hash
5a025c5bf15c8dbb6b25f9ea96c66e66059b441a2f41d41a5d8fbd1e22ff042f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop.lavita.com/

Response headers

cache-control
no-cache, max-age=0
content-encoding
br
etag
"5a025c5bf15c8dbb6b25f9ea96c66e66059b441a2f41d41a5d8fbd1e22ff042f"
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
https://shop.lavita.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
309
date
Tue, 24 Sep 2024 11:53:57 GMT
content-type
application/json
page-data.json
shop.lavita.com/page-data/de/configure/subscription/
0
6 KB
Other
General
Full URL
https://shop.lavita.com/page-data/de/configure/subscription/page-data.json?v=1726736878822?sku=SLP500
Requested by
Host: cloud.ccm19.de
URL: https://cloud.ccm19.de/app.js?apiKey=a1f0189f6c1c23fb52f3cef031651a41b4d469252bb8b068&domain=6569ad8e25e3c63a0802c7c2&lang=de_DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://shop.lavita.com
Referer
https://shop.lavita.com/de?region=DE

Response headers

x-request-id
cfd67701f6338675dd13a672c34b8fc8
access-control-max-age
86400
content-encoding
br
etag
W/"ab4e725e30ec8ea82238dea85e072f01"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
expires
Tue, 24 Sep 2024 11:53:58 GMT
x-limit-req-status
PASSED
date
Tue, 24 Sep 2024 11:53:59 GMT
x-rgw-object-type
Normal
content-type
application/json
last-modified
Thu, 19 Sep 2024 09:10:01 GMT
x-frame-options
sameorigin
access-control-allow-headers
Authorization, Content-Type, sentry-trace
strict-transport-security
max-age=15724800; includeSubDomains, max-age=63072000; includeSubDomains; preload
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
no-cache
access-control-allow-credentials
true
x-amz-request-id
tx000005774ce360d4a9de9-0066f2a857-163c956-website-object-store
access-control-allow-origin
https://shop.lavita.com
server
nginx
page-data.json
shop.lavita.com/page-data/de/configure/subscription/
29 KB
0
XHR
General
Full URL
https://shop.lavita.com/page-data/de/configure/subscription/page-data.json?v=1726736878822?sku=SLP500
Requested by
Host: shop.lavita.com
URL: https://shop.lavita.com/app-29f58900e990a42059ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.204.44.204 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
route.lavita.net
Software
nginx /
Resource Hash
d0b58058cad50fd964a7d9b379a9681a33347a85b5f71b0f88f341a821e4192e
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

sentry-trace
c1deb23a990348be827fb2b6c0c5a210-9910fdaba386be2d
Referer
https://shop.lavita.com/de?region=DE
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
baggage
sentry-environment=production,sentry-release=11041dda1eb734ee35e672a38dfd7eb072d0c681,sentry-public_key=bec1ecd4340141b69e3949a6f427cd21,sentry-trace_id=c1deb23a990348be827fb2b6c0c5a210

Response headers

x-request-id
cfd67701f6338675dd13a672c34b8fc8
access-control-max-age
86400
content-encoding
br
etag
W/"ab4e725e30ec8ea82238dea85e072f01"
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
expires
Tue, 24 Sep 2024 11:53:58 GMT
x-limit-req-status
PASSED
date
Tue, 24 Sep 2024 11:53:59 GMT
x-rgw-object-type
Normal
content-type
application/json
last-modified
Thu, 19 Sep 2024 09:10:01 GMT
x-frame-options
sameorigin
access-control-allow-headers
Authorization, Content-Type, sentry-trace
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
cache-control
no-cache
access-control-allow-credentials
true
x-amz-request-id
tx000005774ce360d4a9de9-0066f2a857-163c956-website-object-store
access-control-allow-origin
https://shop.lavita.com
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
shop.lavita.com
URL
blob:https://shop.lavita.com/af5348cb-220d-46cf-882a-2c57fb1ff97f

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer function| plausible object| Ccm19Plugins object| CCM object| _tsConfig string| pagePath string| ___chunkMapping string| ___webpackCompilationHash object| webpackChunklavita_shop object| google_tag_manager object| google_tag_data object| SENTRY_RELEASE object| asyncRequires object| ___emitter object| ___loader function| ___push function| ___replace function| ___navigate object| __SENTRY__ boolean| __openreplay_adpss_patched__ object| __OPENREPLAY__ object| tracker object| webpackChunktrustbadge_6_business_logic object| trustbadge object| exponea object| webxpClient object| __sentry_instrumentation_handlers__ object| br_datalayer

6 Cookies

Domain/Path Name / Value
.lavita.com/ Name: _gcl_au
Value: 1.1.1301748118.1727178835
.lavita.com/ Name: __language__
Value: de
.lavita.com/ Name: __region__
Value: DE
tdata.lavita.com/ Name: xnpe_bc1a3886-886f-11e9-bfbe-0e8d37d7df60
Value: c59c26d6-49b4-45d7-a4c9-1c919ee76c66
.lavita.com/ Name: __exponea_etc__
Value: c59c26d6-49b4-45d7-a4c9-1c919ee76c66
.lavita.com/ Name: __exponea_time2__
Value: -0.014300823211669922

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline' blob: data: wss:; img-src 'self' blob: data: https:; object-src 'self'; frame-src 'self' blob: data: https: lavitaapp:; report-uri https://sentry.lavita.io/api/7/security/?sentry_key=6ea35b7ebf064adb9ad7002afcbf1d53
Strict-Transport-Security max-age=15724800; includeSubDomains max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.lavita.com
assets.lavita.io
cloud.ccm19.de
openreplay.lavita.io
plausible.io
sentry.lavita.io
shop.lavita.com
tdata.lavita.com
widgets.trustedshops.com
www.googletagmanager.com
shop.lavita.com
13.225.78.64
142.132.242.83
148.251.5.29
2400:52e0:1e00::1080:1
2a00:1450:4001:80f::2008
34.96.75.226
91.204.44.204
032ae942e3849e0bebc135afe34df515786f8b9ad4dd5d1fbca513db88051604
04306454dbed98cf1bc28c2809ec7a4af494f5634a50e51f61ede7b231652ebd
08d62b2a22f999da8b24e9f0062d5e0b382d8cb5114f3244ab9c5fa7fee387a7
0ad342bade7d208cf88ce69a885e60ec8760dd483c426958bd72de776834de2b
1edef0577d198630254ce6aade413469b8ba6728b5c1122b712f34f8fe55d782
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2fe5f3d513658c6100e4fb4b00ba304df0443b5425094cc5bf3278840a058892
312bfbb2dc9d52963427328d43d550e19c9d3a50707073c8281c99a09494fc16
3712c17c27414c5a3981a0c1946d831001f5ad4e45b62577c08928c37f6ec8d4
3a5f599a6355e5708ad7d040b8ab4f451310b98fe68074b11ba0b4d66f1dc9a9
3d8afd7bb223ffffe75f7ed59e7250b7b5901c7a65f3ab09994b2cf084c2410f
42d6ba0b2e4aa8dd8ec8a1c73e60fb13bdf9fa420a4bc5a768f74427966b415f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49c5d6678b5b1653236b5bd13074ace0547b47606e45772b15f04369e72a7912
56f84a30894b9a49bfa0153f64d579d6406c5f5270c051ad9f2f321f173c5b04
5705f46b04feb3554df6ad65fa44ab35041db388055fe9f420fe87ba753c8077
59ace29fd007f81ce9df7893542e3f29fd1dbce1ed56efce66643b3a4d411cb9
5a025c5bf15c8dbb6b25f9ea96c66e66059b441a2f41d41a5d8fbd1e22ff042f
5c858b1c80e2a37e46abc26525a908fe14db93ebdce1dbdbdd2828cd180bbeec
626fe72496124ed536b23b96315c2f70ea07ee1b77fb8809b051abcbe6109f05
682f6f6312a795e5604ee0f2577e7bddb98a1a3d925f93c7b3819f6a78500da7
6af29312056c28d3566230a5a50cb63bafa7d6cdc3b65508439db0d985c10bfe
6c7b520a67ccb3053070daab1655febef2b2fd57264472aa05cd765dfd343be8
6d0ea49f9974b2ca66b780cd788da6de72c7ca9d8429b5a638fa5a7dcc123479
7313eba4358f5f5a8053cefdf084a9f187f5204e9a61de6a88ad8cbc1091fcf9
776c3bcaab06fff6e0930d96133d1fc095b4d510961d49ce7675a9f4ad5aa48d
789a75b5ee3abbdd5cd7c0079a32003e263fd338820b9d2cb849e591ce5fe453
7ad0cd23f5482708fc4dcdfb44a6a2cafee9dca5ba3dc021e4891d33081e69c9
81a75716b4695d7dd50d4d65fe73c055eef524ca9f8323cf41e536d23c51a216
82352635dbd0803324d0892156b610131b7eff443982e1af8a0bf08a86649cd3
88ef5abebfed19a8cdf4c47d4bd65d6125a6cfa5ff59222de68f36e9c9a07408
8fbaf5beb85292c0db6d0ccdf93ad4c002a3deff69a6aacb31093629c1ec187a
8feb758b678a8608bfdfec47421568035d1d2fe5eac307a910e87e0002501e8b
965387ce9489d0167cf33444ab52d064bb3fab35e94b12082ff5eb00a34c070c
97100138db074e850cda768bac6831218ba55c57f0eb8b34faa692a65f274c52
97b8b985a13250c0bbfe025805f42c56de346555c623fe0afcef967b08ea0f85
a37a2586e7c8b3f4a4ea8d528cb99fa061b2f61e7d36cdc42f756d9cb6a6ac89
aa96b1860ee4cc5a853685d51b170ebd88eaa17618a97a3fd6316286dc727b94
ab859b7b13914a957524b1d9d1007b3baa5280fd5fda598ed82aff1cda059d09
abcf92b49a7067075d598cdbc25aeff401c9043ba84531dd502e400dd3bc187b
b033afdc405948960bee03f098e6140a7047579d5456bcfb504a6b4008041e6f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c53da92d019c2aa613da55f7f657a323dd3cf393b3d313ca01c4fb4383fc93
b2ccdfa6efa59620ab80ed8ecd0b2d3d0f475afc53d17ee5b2e1920bbb3cffec
c24ea95afe8c93f9b071c1ed110878823c48c47c48e24229c2f575d26e9f56c7
c6a51a1df9b14fb8ea12c773a73ce996a4acfd78da44867f3ce71856f44b2c9a
c734c434e2df313f16ef8e72d82a0b283a811bbbf8f98480b8f52ef25d14b464
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caa07acd92fa9499d279ce6cbd1dbba7d1515bde3957072fa53826133ccbfaf9
d0b58058cad50fd964a7d9b379a9681a33347a85b5f71b0f88f341a821e4192e
d522e53a6d4eee501e4ecdeb9a4df588097460c319efc178868d478372a10954
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855