urlscan.io logo urlscan.io
SecurityTrails logo

www.decor.srl Open in urlscan Pro
89.186.34.135  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://decor.srl/
Effective URL: https://www.decor.srl/it
Submission: On May 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 58 HTTP transactions. The main IP is 89.186.34.135, located in San Marino and belongs to PASSEPARTOUT Passepartout, SM. The main domain is www.decor.srl.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on December 11th 2023. Valid for: a year.
This is the only time www.decor.srl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 50 89.186.34.135 39759 (PASSEPART...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 157.240.252.13 32934 (FACEBOOK)
1 157.240.252.35 32934 (FACEBOOK)
58 6
50    89.186.34.135 (San Marino)

ASN39759 (PASSEPARTOUT Passepartout, SM)
PTR: web35.isp.passepartout.net
decor.srl
www.decor.srl
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
1    157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
50 decor.srl
decor.srl
www.decor.srl
6 MB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
394 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
161 KB
58 3
Domain Requested by
49 www.decor.srl 1 redirects www.decor.srl
3 www.facebook.com www.decor.srl
connect.facebook.net
3 connect.facebook.net www.decor.srl
connect.facebook.net
1 decor.srl 1 redirects
58 4

This site contains links to these domains. Also see Links.

Domain
www.passepartout.net
www.ecminformaticasrl.it
www.mtncompany.it
Subject Issuer Validity Valid
www.decor.srl
RapidSSL TLS RSA CA G1		 2023-12-11 -
2025-01-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-24 -
2024-05-24		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.decor.srl/it
Frame ID: 4C603FCD8980CE107437D927EB3A0AFD
Requests: 57 HTTP requests in this frame

Frame: https://www.facebook.com/v15.0/plugins/customerchat.php?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc13a55a50306f015%26domain%3Dwww.decor.srl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.decor.srl%252Ff85eeab04cda45129%26relation%3Dparent.parent&container_width=1570&current_url=https%3A%2F%2Fwww.decor.srl%2Fit&is_loaded_by_facade=true&locale=it_IT&log_id=3ecae461-12c2-49f0-83fe-fb60da5fef51&page_id=109684707117586&request_time=1715940061881&sdk=joey
Frame ID: FE966A3AE294E6F61D4BA3894A7F4D44
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Decor

Page URL History Show full URLs

  1. https://decor.srl/ HTTP 301
    https://www.decor.srl/ HTTP 301
    https://www.decor.srl/it Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

93 %
HTTPS

40 %
IPv6

3
Domains

4
Subdomains

6
IPs

2
Countries

6437 kB
Transfer

8724 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://decor.srl/ HTTP 301
    https://www.decor.srl/ HTTP 301
    https://www.decor.srl/it Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request it
www.decor.srl/
Redirect Chain
  • https://decor.srl/
  • https://www.decor.srl/
  • https://www.decor.srl/it
273 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
df538b8c12b805cbb56553a9360937695207d7ed45921d9793c4977c1d13a663
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Fri, 17 May 2024 10:00:51 GMT
expires
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache,no-store
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:50 GMT
expires
-1
location
/it
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap-4.4.1.min.css
www.decor.srl/Static/2023B.64/Scripts/ 		156 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Scripts/bootstrap-4.4.1.min.css
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
dc9ac54f9001c47aa71519a64d2c8dafc20e968424226e643a13662bd80bd154
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:52 GMT
x-powered-by
ARR/3.0
content-length
23686
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:20:03 GMT
etag
"80ab80249ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
mdb.css
www.decor.srl/Static/2023B.64/Web/MDBPro/css/ 		32 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Web/MDBPro/css/mdb.css
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
c65be3991f8fdaad17e5aac2299942cfac6e9c7bdec44654c5ec1a5c9c48c402
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:52 GMT
x-powered-by
ARR/3.0
content-length
8016
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:21:19 GMT
etag
"4a9f4d529ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
font-awesome-4.7.0.min.css
www.decor.srl/Static/2023B.64/Scripts/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Scripts/font-awesome-4.7.0.min.css
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
b7b0daaadfdf8852ec0991f0022c90b0cfa0b857ae0c76defdebf0c0b2ec6e9f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:52 GMT
x-powered-by
ARR/3.0
content-length
8386
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:21:13 GMT
etag
"6a5c854e9ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
css_all-responsive.css
www.decor.srl/Static/2023B.64/Web/common/css/ 		163 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Web/common/css/css_all-responsive.css
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
1132c06e8c265bb6e203b93576cd32e528252a54070c2e1650a172ea662a491c
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:52 GMT
x-powered-by
ARR/3.0
content-length
20823
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:20:07 GMT
etag
"805e3269ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
slick.woff
www.decor.srl/Static/2023B.64/Web/common/css/slick/fonts/ 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Web/common/css/slick/fonts/slick.woff
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Origin
https://www.decor.srl
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 16 May 2024 14:20:07 GMT
date
Fri, 17 May 2024 10:00:52 GMT
etag
"87914c279ca7da1:0",None
x-powered-by
ARR/3.0
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
1380
x-xss-protection
1; mode=block
slick.css
www.decor.srl/Static/2023B.64/Web/common/css/slick/ 		1 KB
750 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Web/common/css/slick/slick.css
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
3a13842a583e6e6a0fc3032fb9ca288322effc1a96dc1dfbec4698bd67b49c39
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Origin
https://www.decor.srl
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:52 GMT
x-powered-by
ARR/3.0
content-length
657
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:21:17 GMT
etag
"3be4b5509ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
slick-theme.css
www.decor.srl/Static/2023B.64/Web/common/css/slick/ 		2 KB
820 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Web/common/css/slick/slick-theme.css
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
a52628a8e95c7e7b649772704b7215999394e693c0245f84c6ccb85219c05160
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Origin
https://www.decor.srl
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:52 GMT
x-powered-by
ARR/3.0
content-length
770
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:20:07 GMT
etag
"805e3269ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
custom.css
www.decor.srl/Themes/custom/style/1/ 		530 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Themes/custom/style/1/custom.css?1715691937
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
a463b0d2a9e6b1fea6379cf9a1ab3477e997a8f0a7f34eea90a0c19c02b3b8d1
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 14 May 2024 13:05:37 GMT
strict-transport-security
max-age=31536000
etag
"1daa5ff69b3efe8"
date
Fri, 17 May 2024 10:00:52 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
x-xss-protection
1; mode=block
black_ihavecookies.css
www.decor.srl/Resources/css/ 		2 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Resources/css/black_ihavecookies.css
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
da289e247b64bdcec6e1ee1b88ae6c7385d38a35866e78d302d91dc9ed6e0027
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 27 Oct 2022 07:46:01 GMT
strict-transport-security
max-age=31536000
etag
"1d8e9d8288d8525"
date
Fri, 17 May 2024 10:00:52 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
x-xss-protection
1; mode=block
jquery-1.13.2-ui.min.css
www.decor.srl/Static/2023B.64/Web/common/css/wizard-theme-responsive/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Web/common/css/wizard-theme-responsive/jquery-1.13.2-ui.min.css
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
863874b451c7e3c4ba1df09cae02859b33a1d912d29bb3eef20bc117b249277e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:52 GMT
x-powered-by
ARR/3.0
content-length
7732
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:20:07 GMT
etag
"805e3269ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
jquery.mmenu.all.css
www.decor.srl/Static/2023B.64/Web/common/css/ 		60 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Web/common/css/jquery.mmenu.all.css
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
e3a870c7bd6bf7639f3fdd33b4cc4db0d3df75d0375577149dd43bd8ef703479
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:52 GMT
x-powered-by
ARR/3.0
content-length
12343
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:21:17 GMT
etag
"dd95a7509ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
open-sans.css
www.decor.srl/Fonts/open-sans/ 		0
0
logo_decor.png
www.decor.srl/Resources/decor/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decor/logo_decor.png
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
070abde64039195315ce05edbe3478f796d5461f574af0127e0194c9e02d86cc
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 27 Oct 2022 13:19:32 GMT
date
Fri, 17 May 2024 10:00:53 GMT
etag
"1d8ea06c009bfa1"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
30113
x-xss-protection
1; mode=block
jquery-3.6.0.min.js
www.decor.srl/Static/2023B.64/Scripts/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Scripts/jquery-3.6.0.min.js
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
c8f19e01e8c1ba18d060c07b52fc81d8702733edbf643b4e5eff8df951d1b45b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:52 GMT
x-powered-by
ARR/3.0
content-length
31022
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:20:03 GMT
etag
"80ab80249ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
jquery-1.13.2-ui.custom.min.js
www.decor.srl/Static/2023B.64/Scripts/ 		249 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Scripts/jquery-1.13.2-ui.custom.min.js
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
0a219a59f2df4d7025520aacf3ab1eda0a50589c657e2ae414677efbd70a2d24
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:53 GMT
x-powered-by
ARR/3.0
content-length
91078
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:21:13 GMT
etag
"c2be874e9ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
popper-1.16.0.min.js
www.decor.srl/Static/2023B.64/Scripts/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Scripts/popper-1.16.0.min.js
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
039ee60b6223a4ac2f100ac9f9f4b9e56a002082e6a7989bb2997823b039ce75
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:53 GMT
x-powered-by
ARR/3.0
content-length
7538
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:20:03 GMT
etag
"80ab80249ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
bootstrap-4.4.1.min.js
www.decor.srl/Static/2023B.64/Scripts/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Scripts/bootstrap-4.4.1.min.js
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
32416a5fadb51530362d19751f95c5437861b2e0bf051fbf812b0385dc4a4251
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:53 GMT
x-powered-by
ARR/3.0
content-length
15914
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:20:03 GMT
etag
"80ab80249ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
jquery.sticky.js
www.decor.srl/Static/2023B.64/Web/MDBPro/js/modules/ 		1 KB
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Web/MDBPro/js/modules/jquery.sticky.js
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
486875d449e8aa5dd8153c1ea07c381301eed02e10de35184407353f8b399ffe
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:53 GMT
x-powered-by
ARR/3.0
content-length
742
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:21:19 GMT
etag
"f505e529ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
slick.js
www.decor.srl/Static/2023B.64/Web/common/js/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Web/common/js/slick.js
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
4b70fccc56968762d1a8163b0ae061d967dd9f383fc70509989d19c146ed02a1
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:53 GMT
x-powered-by
ARR/3.0
content-length
14430
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:21:19 GMT
etag
"89ee3c529ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
trackerPW.js
www.decor.srl/Static/2023B.64/Web/common/js/ 		60 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Web/common/js/trackerPW.js?5
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
7fbff29467d422b7fc9cdccb30944b7e1831a909b2d007dfb9a81f553170e32f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:53 GMT
x-powered-by
ARR/3.0
content-length
10123
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:20:10 GMT
etag
"0c9ac289ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
js_allpluginm.js
www.decor.srl/Static/2023B.64/Web/common/js/ 		82 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Web/common/js/js_allpluginm.js
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
3b494712de3c291cb135833103b7d478ab66bb1dace66609ad7a29a8644b0367
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:53 GMT
x-powered-by
ARR/3.0
content-length
34241
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:21:19 GMT
etag
"18c3a529ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
js_allm.js
www.decor.srl/Static/2023B.64/Web/common/js/ 		315 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Web/common/js/js_allm.js?6
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
d5df58da00a057213c0b5c318e5decdc0fb827ff2493b2eaa5d9fd58a5b972bd
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:53 GMT
x-powered-by
ARR/3.0
content-length
63045
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:20:09 GMT
etag
"803214289ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
jquery.mmenu.all.js
www.decor.srl/Static/2023B.64/Web/common/js/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Web/common/js/jquery.mmenu.all.js
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
44334bcd012aa2b06b1bae205fb27227c5e0387accc422af43abb54d2acb7d9f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:53 GMT
x-powered-by
ARR/3.0
content-length
21039
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:21:19 GMT
etag
"ea6433529ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
jquery.cookie.js
www.decor.srl/Static/2023B.64/Web/common/js/ 		1 KB
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Web/common/js/jquery.cookie.js
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
834c804f2c08b6e4ae70c1692d8517381a70e5180816a07896c768571dd3fb21
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:53 GMT
x-powered-by
ARR/3.0
content-length
625
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:20:09 GMT
etag
"803214289ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
jquery.ui.touch-punch.min.js
www.decor.srl/Static/2023B.64/Web/common/js/ 		1 KB
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Web/common/js/jquery.ui.touch-punch.min.js
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
ec43ccd485da4987fb28641dd408d01b9f80a55256c468618cd4fab165fe8fe7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:53 GMT
x-powered-by
ARR/3.0
content-length
596
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:20:09 GMT
etag
"803214289ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
jquery.ihavecookies.min.js
www.decor.srl/Resources/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Resources/js/jquery.ihavecookies.min.js
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
5d7e26cb4c3ed2d51bdb2c8fa2b66fa99a15dcb51a52cd3b6eeab64678256ae3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 27 Oct 2022 07:46:02 GMT
strict-transport-security
max-age=31536000
etag
"1d8e9d82926090b"
date
Fri, 17 May 2024 10:00:53 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
x-xss-protection
1; mode=block
tracker.js
www.decor.srl/Static/2023B.64/Web/common/js/ 		10 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Web/common/js/tracker.js
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
61e84d5c8356d2d098217301d5e2a1e4050a6977afa20dd4e1086a86f927da65
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:53 GMT
x-powered-by
ARR/3.0
content-length
1362
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 16 May 2024 14:20:10 GMT
etag
"0c9ac289ca7da1:0",None
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 17 May 2024 10:00:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
H9v2YOvIwsbtXgsZYOmGVL48GoI/xymxex1PWiEPS1uqxskfm5Pn37JEfgwbtcVJHjbsDl+l+aRXr4WjVh41lA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
5559617190787955
connect.facebook.net/signals/config/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/5559617190787955?v=2.9.156&r=stable&domain=www.decor.srl&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1453de3281182c027386491e2a45c43f3823a6c711b888f726aa1891876b6e57
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 17 May 2024 10:00:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=1, c=62, mss=1326, tbw=63376, tp=-1, tpl=-1, uplat=62, ullat=0
pragma
public
x-fb-debug
1kpmaHiWSIprdb3UIkoLlAUA8sG8Ai4ZWz5hCU9ThN+ow75inkzZT3zqiylfc/Oltn6CAxnITIaBnx2Twvuq7g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=5559617190787955&ev=PageView&dl=https%3A%2F%2Fwww.decor.srl%2Fit&rl=&if=false&ts=1715940052893&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715940052889.1102762115&ler=empty&cdl=API_unavailable&it=1715940052767&coo=false&rqm=GET
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1326, tbw=2781, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 17 May 2024 10:00:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
xfbml.customerchat.js
connect.facebook.net/it_IT/sdk/ 		319 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/it_IT/sdk/xfbml.customerchat.js
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
4449829788d70471db217591f768c684a3a6f366d2453b8bdbf3438be1bfe2f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 May 2024 10:00:53 GMT
content-md5
/uAEWz6X7KAXuOei4I1nSw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
92852
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=23, mss=1232, tbw=4337, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
7EcG+V8yOKb8Pbr7irJ9lHFzm4XTCH0fhQcibbyu4hHjFxv5pavSiKx3+fdYWfENiSM/24gD12O+N+kQU+8Svg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
068ac7f2739e04282b9dc445e90dde1e
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"24aad39780ffa13f1dac8e2123aca15a"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 17 May 2024 10:13:39 GMT
logo_decor.png
www.decor.srl/Resources/decor/ 		29 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decor/logo_decor.png
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
070abde64039195315ce05edbe3478f796d5461f574af0127e0194c9e02d86cc
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
date
Fri, 17 May 2024 10:00:53 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 27 Oct 2022 13:19:32 GMT
etag
"1d8ea06c009bfa1"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
30113
x-xss-protection
1; mode=block
carta-da-parati-decor-adoro.jpg
www.decor.srl/Resources/decor/imghome/ 		272 KB
273 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decor/imghome/carta-da-parati-decor-adoro.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/Themes/custom/style/1/custom.css?1715691937
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
7e5e1875d7842a264e269283172558f93f53c9d0280d295875ea7e74bda24126
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/Themes/custom/style/1/custom.css?1715691937
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 03 Jan 2023 07:27:44 GMT
date
Fri, 17 May 2024 10:00:53 GMT
etag
"1d91f44dec3d978"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
278904
x-xss-protection
1; mode=block
decor-pavimento-con-scritta-1.jpg
www.decor.srl/Resources/decor/imghome/ 		864 KB
865 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decor/imghome/decor-pavimento-con-scritta-1.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/Themes/custom/style/1/custom.css?1715691937
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
ab55380b799bc9ae82b68b3a29e0be275e74f468c2331ea919b22c1d9b0d887d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/Themes/custom/style/1/custom.css?1715691937
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 03 Jan 2023 07:30:58 GMT
date
Fri, 17 May 2024 10:00:53 GMT
etag
"1d91f45526424ba"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
885178
x-xss-protection
1; mode=block
sypialnia06_.jpg
www.decor.srl/Resources/decor/imghome/ 		641 KB
641 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decor/imghome/sypialnia06_.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/Themes/custom/style/1/custom.css?1715691937
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
cb75694c69a055c5e56daed2d388fd7581fdad1499a01d982f523b161855f298
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/Themes/custom/style/1/custom.css?1715691937
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 07 Apr 2023 14:55:55 GMT
date
Fri, 17 May 2024 10:00:53 GMT
etag
"1d969610def0c40"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
656320
x-xss-protection
1; mode=block
decorativi-home-decor.jpg
www.decor.srl/Resources/decor/imghome/ 		939 KB
939 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decor/imghome/decorativi-home-decor.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/Themes/custom/style/1/custom.css?1715691937
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
5ec6ee79c229941cc8e3fe54ed54443e1bf2633eaa1c938e68c26ee494ea04f7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/Themes/custom/style/1/custom.css?1715691937
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 03 Jan 2023 07:44:58 GMT
date
Fri, 17 May 2024 10:00:53 GMT
etag
"1d91f474719d3fa"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
961274
x-xss-protection
1; mode=block
battiscopa-mardom-decor.jpg
www.decor.srl/Resources/decor/imghome/ 		253 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decor/imghome/battiscopa-mardom-decor.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/Themes/custom/style/1/custom.css?1715691937
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
5a4830ca3d6f8aaca266dbae876fddf92a25a424b63856f4004bfe7e861cbe62
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/Themes/custom/style/1/custom.css?1715691937
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 03 Jan 2023 07:51:51 GMT
date
Fri, 17 May 2024 10:00:53 GMT
etag
"1d91f483d41b04a"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
259530
x-xss-protection
1; mode=block
profililed-decor-4.jpg
www.decor.srl/Resources/decor/imghome/ 		131 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decor/imghome/profililed-decor-4.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/Themes/custom/style/1/custom.css?1715691937
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
051a2032b8dc51e92431ab245ac17adb4ab6437e0921bd9c434b2aebda230756
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/Themes/custom/style/1/custom.css?1715691937
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Tue, 03 Jan 2023 08:10:03 GMT
date
Fri, 17 May 2024 10:00:53 GMT
etag
"1d91f4ac8263314"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
134292
x-xss-protection
1; mode=block
accessori-sito-decor.jpg
www.decor.srl/Resources/Bioshop-New/Blog-immagini/ 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/Bioshop-New/Blog-immagini/accessori-sito-decor.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
cbf3f61e4efd62c22183f518d9f8861c6888325c5377ff6dda13297f5276b196
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 14 Nov 2022 15:39:25 GMT
date
Fri, 17 May 2024 10:00:54 GMT
etag
"1d8f83f46152ea7"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
154151
x-xss-protection
1; mode=block
fontawesome-webfont.woff2
www.decor.srl/Static/2023B.64/Scripts/font-awesome-4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Static/2023B.64/Scripts/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/Static/2023B.64/Scripts/font-awesome-4.7.0.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/Static/2023B.64/Scripts/font-awesome-4.7.0.min.css
Origin
https://www.decor.srl
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 16 May 2024 14:21:16 GMT
date
Fri, 17 May 2024 10:00:53 GMT
etag
"ddac1f509ca7da1:0",None
x-powered-by
ARR/3.0
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
77160
x-xss-protection
1; mode=block
chalk-sito-decor-slider-ok.jpg
www.decor.srl/Resources/decoration/img-cat/ 		246 KB
247 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decoration/img-cat/chalk-sito-decor-slider-ok.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
c08001dcd25c5c761e19576e042b2ea33a6d87af5c0de9ce54c7b23b3c309656
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2024 12:53:58 GMT
date
Fri, 17 May 2024 10:00:53 GMT
etag
"1da9258a4c72edf"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
252383
x-xss-protection
1; mode=block
soleado-slider-home-decor.jpg
www.decor.srl/Resources/decor/imghome/ 		234 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decor/imghome/soleado-slider-home-decor.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
8551d470c1a51d991817f3b127f4524a19548d4ec6503c8b817776f4650b4b4b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2024 12:55:25 GMT
date
Fri, 17 May 2024 10:00:53 GMT
etag
"1da9258d8a3b42d"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
239789
x-xss-protection
1; mode=block
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
0
/
www.facebook.com/plugins/customer_chat/facade/ 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df748067c76280df27%26domain%3Dwww.decor.srl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.decor.srl%252Ff85eeab04cda45129%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.decor.srl%2Fit&is_loaded_by_facade=true&locale=it_IT&log_id=3ecae461-12c2-49f0-83fe-fb60da5fef51&page_id=109684707117586&request_time=1715940054241&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/it_IT/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.decor.srl/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
date
Fri, 17 May 2024 10:00:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4353, tp=10, tpl=0, uplat=114, ullat=0
pragma
no-cache
x-fb-debug
4z+40ZPVAoOojS469LUnpHPjJSiTUUIGPy1BqECy+sDXQIIOaSvu2jt/grrtUk+0sSlLook6u6O11WyfHYOKaw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-frame-options
DENY
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.decor.srl
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ajax-loader.gif
www.decor.srl/Static/2023B.64/Web/common/css/slick/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Static/2023B.64/Web/common/css/slick/ajax-loader.gif
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/Static/2023B.64/Web/common/css/slick/slick-theme.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/ ARR/3.0
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/Static/2023B.64/Web/common/css/slick/slick-theme.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 16 May 2024 14:20:07 GMT
date
Fri, 17 May 2024 10:00:53 GMT
etag
"3c2f4a279ca7da1:0",None
x-powered-by
ARR/3.0
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
4178
x-xss-protection
1; mode=block
kroma-slider-home-decor.jpg
www.decor.srl/Resources/decor/imghome/ 		238 KB
238 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decor/imghome/kroma-slider-home-decor.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
7e85b4a04e627e1c7b4fc0d24f0f677b30b0e67a9a956065af685cd908629d23
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2024 13:06:54 GMT
date
Fri, 17 May 2024 10:00:55 GMT
etag
"1da925a734e9d93"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
243347
x-xss-protection
1; mode=block
wall-pannel-slider-decor-.jpg
www.decor.srl/Resources/decor/imghome/ 		199 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decor/imghome/wall-pannel-slider-decor-.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
13e40fa4f0a90a66c280d8801b7447f71d7383f9e62e0997d848fe0eb956a384
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2024 13:13:22 GMT
date
Fri, 17 May 2024 10:00:55 GMT
etag
"1da925b5a92592e"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
203822
x-xss-protection
1; mode=block
tesoro-slider-decor-sito.jpg
www.decor.srl/Resources/decor/imghome/ 		355 KB
356 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decor/imghome/tesoro-slider-decor-sito.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
4a36416f85b2fac9fc5a55e238c7e54bd87c47a123f3a4cca269054a69091758
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2024 13:20:16 GMT
date
Fri, 17 May 2024 10:00:55 GMT
etag
"1da925c51512581"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
363905
x-xss-protection
1; mode=block
joy-home-slider-decor.jpg
www.decor.srl/Resources/decor/imghome/ 		163 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decor/imghome/joy-home-slider-decor.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
abc076e2e0ebc523ee453d3b0908794f20d847613962f0fb708b9756e3aa5717
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2024 13:28:16 GMT
date
Fri, 17 May 2024 10:00:56 GMT
etag
"1da925d6f6c5500"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
167168
x-xss-protection
1; mode=block
muance-5-slider-home-decor.jpg
www.decor.srl/Resources/decoration/img-cat/ 		204 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decoration/img-cat/muance-5-slider-home-decor.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
a00fdb0caf78d58a2e0bc06fa366e9917ca225e6e6a2a9b22ea7a5a9cdad1778
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2024 13:33:41 GMT
date
Fri, 17 May 2024 10:00:56 GMT
etag
"1da925e3126d800"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
209024
x-xss-protection
1; mode=block
slider-home-herbarium-decor.jpg
www.decor.srl/Resources/decor/imghome/ 		351 KB
351 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decor/imghome/slider-home-herbarium-decor.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
ecef0a7cee172358e75c1c312470ada7092b7eaa244d07a70b316976c4fb98e9
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2024 13:41:33 GMT
date
Fri, 17 May 2024 10:00:56 GMT
etag
"1da925f4a7e1e91"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
358929
x-xss-protection
1; mode=block
natural-fx-2-slider-home-decor.jpg
www.decor.srl/Resources/decor/imghome/ 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decor/imghome/natural-fx-2-slider-home-decor.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
2ec435e0300b93be501667dc8f5c1edc11a2434904cd954efa6d58b0cc8701c8
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2024 13:50:11 GMT
date
Fri, 17 May 2024 10:00:56 GMT
etag
"1da92607f398ccb"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
157515
x-xss-protection
1; mode=block
el-palacio-home-slider-decor.jpg
www.decor.srl/Resources/decor/imghome/ 		237 KB
237 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.decor.srl/Resources/decor/imghome/el-palacio-home-slider-decor.jpg
Requested by
Host: www.decor.srl
URL: https://www.decor.srl/it
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
8572428a2aa1984461ee940d9a0d7b500fddb433d4a51bef6cef6909c115664e
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2024 13:55:27 GMT
date
Fri, 17 May 2024 10:00:56 GMT
etag
"1da92613b9605ed"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
242797
x-xss-protection
1; mode=block
favicon.png
www.decor.srl/Resources/decor/ 		86 KB
86 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.decor.srl/Resources/decor/favicon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.186.34.135 , San Marino, ASN39759 (PASSEPARTOUT Passepartout, SM),
Reverse DNS
web35.isp.passepartout.net
Software
/
Resource Hash
cbcdcb25698da1ba5d6a20a1d8a9b18870d8f8ccee15d698a863adff1d5b66c3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.decor.srl/it
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
strict-transport-security
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Thu, 03 Nov 2022 14:04:34 GMT
date
Fri, 17 May 2024 10:00:56 GMT
etag
"1d8ef8d3373d2f7"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
88055
x-xss-protection
1; mode=block
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
0
customerchat.php
www.facebook.com/v15.0/plugins/ Frame FE96 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v15.0/plugins/customerchat.php?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc13a55a50306f015%26domain%3Dwww.decor.srl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.decor.srl%252Ff85eeab04cda45129%26relation%3Dparent.parent&container_width=1570&current_url=https%3A%2F%2Fwww.decor.srl%2Fit&is_loaded_by_facade=true&locale=it_IT&log_id=3ecae461-12c2-49f0-83fe-fb60da5fef51&page_id=109684707117586&request_time=1715940061881&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/it_IT/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.decor.srl; default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.decor.srl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
frame-ancestors https://www.decor.srl; default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Fri, 17 May 2024 10:01:01 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v15.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1326, tbw=2779, tp=-1, tpl=-1, uplat=77, ullat=0
x-fb-debug
ie04HE90IffETd3yBPmNfsWIUpn3ko307mdPL+6x+5HMc8pK2vAFY1qzpUpyzux7lTGljAt498sCwfz1d84iuQ==
x-xss-protection
0
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.decor.srl
URL
https://www.decor.srl/Fonts/open-sans/open-sans.css
Domain
www.facebook.com
URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df748067c76280df27%26domain%3Dwww.decor.srl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.decor.srl%252Ff85eeab04cda45129%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.decor.srl%2Fit&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=it_IT&log_id=3ecae461-12c2-49f0-83fe-fb60da5fef51&page_id=109684707117586&request_time=1715940054241&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Domain
www.facebook.com
URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc13a55a50306f015%26domain%3Dwww.decor.srl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.decor.srl%252Ff85eeab04cda45129%26relation%3Dparent.parent&container_width=1570&current_url=https%3A%2F%2Fwww.decor.srl%2Fit&event_name=chat_plugin_sdk_dialog_iframe_create&is_loaded_by_facade=true&loading_time=0&locale=it_IT&log_id=3ecae461-12c2-49f0-83fe-fb60da5fef51&page_id=109684707117586&request_time=1715940061881&sdk=joey&suppress_http_code=1
Domain
www.facebook.com
URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc13a55a50306f015%26domain%3Dwww.decor.srl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.decor.srl%252Ff85eeab04cda45129%26relation%3Dparent.parent&container_width=1570&current_url=https%3A%2F%2Fwww.decor.srl%2Fit&event_name=chat_plugin_sdk_dialog_iframe_load&is_loaded_by_facade=true&loading_time=157&locale=it_IT&log_id=3ecae461-12c2-49f0-83fe-fb60da5fef51&page_id=109684707117586&request_time=1715940062038&sdk=joey&suppress_http_code=1

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq function| InitCollapsecontainer_15 function| InitCollapsecontainer_18 object| r_oc_row_22_offcanvas function| OCcontainer_22 function| InitCollapsecontainer_48 function| InitCollapsecontainer_1744 function| InitCollapsecontainer_1762 function| InitCollapsecontainer_1629 function| InitCollapsecontainer_57 function| InitCollapsecontainer_64 function| InitCollapsecontainer_91 function| InitCollapsecontainer_102 function| InitCollapsecontainer_121 function| InitCollapsecontainer_125 function| InitCollapsecontainer_131 function| InitCollapsecontainer_142 object| chatbox function| fbAsyncInit function| $ function| jQuery object| FB boolean| _isReact boolean| _isResponsive boolean| _isApp number| _versioneApp boolean| _caching object| _chtkn object| _permalinkProduct object| _permalinkCms function| getCookie function| eraseCookie function| registrationSocial function| loginSocial object| trackerSettings string| urlFileStatici number| _pwTrkId object| dataLayer boolean| __bLazyEnabled function| AddHiddenAntiforgerytoken function| initAntiforgerytoken function| nuovoIndirizzo function| Popper object| bootstrap function| CookiebotCallback_OnAccept function| CookiebotCallback_OnDecline function| IubendaCallback_OnPreferenceExpressed function| OneTrust_OnConsentChanged function| setCookie object| TrackerPW function| __GetGlobalBehaviour function| DebugMe function| supportsTransitions boolean| pp_alreadyInitialized object| lazySizes function| TP_jQuery_1715940053916 object| $jScroller object| tipologiaGift object| tipologiaCart object| tipologiaCartMain object| tipologiaWishlistMain object| tipologiaRmaMain object| tipoStepGACheckout object| tipologiaCheckout object| tipologiaRefresh object| tipologiaForm object| __carouselState object| Site function| PWLightBox function| PwCollapse boolean| jquery_mmenu_all_js function| __GetSite function| PW_Tracker function| PW_TrovaPrezzi function| PW_Zanox function| PW_Test boolean| preferences

4 Cookies

Domain/Path Name / Value
www.decor.srl/ Name: fileDownload
Value: true
www.decor.srl/ Name: ASP.NET_SessionId
Value: CfDJ8LJ19NXb5adAgHpqbj3SCipKbSyxGyza68GxRHxCiiP8Ip3V%2FJq71mcu%2F5HefySzrmr40AfPfjDl2RWitg9Np6gW4atCrEBayti30PXIjwJ3QNXVDgsUGaCtNSRfej8FqyGkkMhQx%2B8fAnd4khi%2FjP6AwSsiLv3uDgvalzUapXel
www.decor.srl/ Name: .AspNetCore.Antiforgery.LmLZqaZdMp0
Value: CfDJ8LJ19NXb5adAgHpqbj3SCiopM4sXPinzKpTLfmYuDJPcH4b6iWjqe-GJIWYmid53SwO9jvxbchjJpIvVD1hlTe2VmZE7nBV7lV8quTr3XNjUzkyIsjKzsRCnFnuaJXgPlPZGuZ2sjr7ms2Fk4O0V2AM
.decor.srl/ Name: _fbp
Value: fb.1.1715940052889.1102762115

8 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/5559617190787955?v=2.9.156&r=stable&domain=www.decor.srl&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://www.decor.srl/it
Message:
Refused to apply style from 'https://www.decor.srl/Fonts/open-sans/open-sans.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
javascript error URL: https://www.decor.srl/it
Message:
Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df748067c76280df27%26domain%3Dwww.decor.srl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.decor.srl%252Ff85eeab04cda45129%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.decor.srl%2Fit&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=it_IT&log_id=3ecae461-12c2-49f0-83fe-fb60da5fef51&page_id=109684707117586&request_time=1715940054241&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://www.decor.srl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df748067c76280df27%26domain%3Dwww.decor.srl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.decor.srl%252Ff85eeab04cda45129%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.decor.srl%2Fit&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=it_IT&log_id=3ecae461-12c2-49f0-83fe-fb60da5fef51&page_id=109684707117586&request_time=1715940054241&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.decor.srl/it
Message:
Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc13a55a50306f015%26domain%3Dwww.decor.srl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.decor.srl%252Ff85eeab04cda45129%26relation%3Dparent.parent&container_width=1570&current_url=https%3A%2F%2Fwww.decor.srl%2Fit&event_name=chat_plugin_sdk_dialog_iframe_create&is_loaded_by_facade=true&loading_time=0&locale=it_IT&log_id=3ecae461-12c2-49f0-83fe-fb60da5fef51&page_id=109684707117586&request_time=1715940061881&sdk=joey&suppress_http_code=1' from origin 'https://www.decor.srl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc13a55a50306f015%26domain%3Dwww.decor.srl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.decor.srl%252Ff85eeab04cda45129%26relation%3Dparent.parent&container_width=1570&current_url=https%3A%2F%2Fwww.decor.srl%2Fit&event_name=chat_plugin_sdk_dialog_iframe_create&is_loaded_by_facade=true&loading_time=0&locale=it_IT&log_id=3ecae461-12c2-49f0-83fe-fb60da5fef51&page_id=109684707117586&request_time=1715940061881&sdk=joey&suppress_http_code=1
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.decor.srl/it
Message:
Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc13a55a50306f015%26domain%3Dwww.decor.srl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.decor.srl%252Ff85eeab04cda45129%26relation%3Dparent.parent&container_width=1570&current_url=https%3A%2F%2Fwww.decor.srl%2Fit&event_name=chat_plugin_sdk_dialog_iframe_load&is_loaded_by_facade=true&loading_time=157&locale=it_IT&log_id=3ecae461-12c2-49f0-83fe-fb60da5fef51&page_id=109684707117586&request_time=1715940062038&sdk=joey&suppress_http_code=1' from origin 'https://www.decor.srl' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc13a55a50306f015%26domain%3Dwww.decor.srl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.decor.srl%252Ff85eeab04cda45129%26relation%3Dparent.parent&container_width=1570&current_url=https%3A%2F%2Fwww.decor.srl%2Fit&event_name=chat_plugin_sdk_dialog_iframe_load&is_loaded_by_facade=true&loading_time=157&locale=it_IT&log_id=3ecae461-12c2-49f0-83fe-fb60da5fef51&page_id=109684707117586&request_time=1715940062038&sdk=joey&suppress_http_code=1
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' blob: data: ;frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
decor.srl
www.decor.srl
www.facebook.com
www.decor.srl
www.facebook.com
157.240.252.13
157.240.252.35
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
89.186.34.135
039ee60b6223a4ac2f100ac9f9f4b9e56a002082e6a7989bb2997823b039ce75
051a2032b8dc51e92431ab245ac17adb4ab6437e0921bd9c434b2aebda230756
070abde64039195315ce05edbe3478f796d5461f574af0127e0194c9e02d86cc
0a219a59f2df4d7025520aacf3ab1eda0a50589c657e2ae414677efbd70a2d24
1132c06e8c265bb6e203b93576cd32e528252a54070c2e1650a172ea662a491c
13e40fa4f0a90a66c280d8801b7447f71d7383f9e62e0997d848fe0eb956a384
1453de3281182c027386491e2a45c43f3823a6c711b888f726aa1891876b6e57
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ec435e0300b93be501667dc8f5c1edc11a2434904cd954efa6d58b0cc8701c8
32416a5fadb51530362d19751f95c5437861b2e0bf051fbf812b0385dc4a4251
3a13842a583e6e6a0fc3032fb9ca288322effc1a96dc1dfbec4698bd67b49c39
3b494712de3c291cb135833103b7d478ab66bb1dace66609ad7a29a8644b0367
44334bcd012aa2b06b1bae205fb27227c5e0387accc422af43abb54d2acb7d9f
4449829788d70471db217591f768c684a3a6f366d2453b8bdbf3438be1bfe2f8
486875d449e8aa5dd8153c1ea07c381301eed02e10de35184407353f8b399ffe
4a36416f85b2fac9fc5a55e238c7e54bd87c47a123f3a4cca269054a69091758
4b70fccc56968762d1a8163b0ae061d967dd9f383fc70509989d19c146ed02a1
5a4830ca3d6f8aaca266dbae876fddf92a25a424b63856f4004bfe7e861cbe62
5d7e26cb4c3ed2d51bdb2c8fa2b66fa99a15dcb51a52cd3b6eeab64678256ae3
5ec6ee79c229941cc8e3fe54ed54443e1bf2633eaa1c938e68c26ee494ea04f7
61e84d5c8356d2d098217301d5e2a1e4050a6977afa20dd4e1086a86f927da65
7e5e1875d7842a264e269283172558f93f53c9d0280d295875ea7e74bda24126
7e85b4a04e627e1c7b4fc0d24f0f677b30b0e67a9a956065af685cd908629d23
7fbff29467d422b7fc9cdccb30944b7e1831a909b2d007dfb9a81f553170e32f
834c804f2c08b6e4ae70c1692d8517381a70e5180816a07896c768571dd3fb21
8551d470c1a51d991817f3b127f4524a19548d4ec6503c8b817776f4650b4b4b
8572428a2aa1984461ee940d9a0d7b500fddb433d4a51bef6cef6909c115664e
863874b451c7e3c4ba1df09cae02859b33a1d912d29bb3eef20bc117b249277e
a00fdb0caf78d58a2e0bc06fa366e9917ca225e6e6a2a9b22ea7a5a9cdad1778
a463b0d2a9e6b1fea6379cf9a1ab3477e997a8f0a7f34eea90a0c19c02b3b8d1
a52628a8e95c7e7b649772704b7215999394e693c0245f84c6ccb85219c05160
ab55380b799bc9ae82b68b3a29e0be275e74f468c2331ea919b22c1d9b0d887d
abc076e2e0ebc523ee453d3b0908794f20d847613962f0fb708b9756e3aa5717
b7b0daaadfdf8852ec0991f0022c90b0cfa0b857ae0c76defdebf0c0b2ec6e9f
c08001dcd25c5c761e19576e042b2ea33a6d87af5c0de9ce54c7b23b3c309656
c65be3991f8fdaad17e5aac2299942cfac6e9c7bdec44654c5ec1a5c9c48c402
c8f19e01e8c1ba18d060c07b52fc81d8702733edbf643b4e5eff8df951d1b45b
cb75694c69a055c5e56daed2d388fd7581fdad1499a01d982f523b161855f298
cbcdcb25698da1ba5d6a20a1d8a9b18870d8f8ccee15d698a863adff1d5b66c3
cbf3f61e4efd62c22183f518d9f8861c6888325c5377ff6dda13297f5276b196
d5df58da00a057213c0b5c318e5decdc0fb827ff2493b2eaa5d9fd58a5b972bd
da289e247b64bdcec6e1ee1b88ae6c7385d38a35866e78d302d91dc9ed6e0027
dc9ac54f9001c47aa71519a64d2c8dafc20e968424226e643a13662bd80bd154
df538b8c12b805cbb56553a9360937695207d7ed45921d9793c4977c1d13a663
e3a870c7bd6bf7639f3fdd33b4cc4db0d3df75d0375577149dd43bd8ef703479
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ec43ccd485da4987fb28641dd408d01b9f80a55256c468618cd4fab165fe8fe7
ecef0a7cee172358e75c1c312470ada7092b7eaa244d07a70b316976c4fb98e9