| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Vary | Accept-Encoding |
| X-Frame-Options | SAMEORIGIN |
| Cache-Control | max-age=0, reload, no-cache, no-store, must-revalidate |
| Cf-Ray | 932c587f2cf3e690-AMS |
| Content-Type | text/html; charset=utf-8 |
| X-Xss-Protection | 1; mode=block |
| Content-Security-Policy | block-all-mixed-content ;upgrade-insecure-requests ;default-src 'self' adventori.com checkoutshopper-live.adyen.com checkoutshopper-test.adyen.com *.klarnaevt.com *.klarna.com *.klarnacdn.com *.abtasty.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.abtasty.com *.y-track.com *.google-analytics.com *.googletagmanager.com www.googletagmanager.com vjs.zencdn.net www.google.com/recaptcha/ www.gstatic.com/recaptcha/ ui.onepay.decathlon.net *.paypal.com *.braintreegateway.com *.brightcove.net *.trylive.com *.googleapis.com sdk.privacy-center.org sdk.woosmap.com www.booxi.eu appmobile-bridge-js.s3-eu-west-1.amazonaws.com *.woosmap.com ui.onepay-qualification.decathlon.io cdn.tagcommander.com *.facebook.net *.dynatrace.com platform.commandersact.com *.commander1.com *.criteo.com *.criteo.net *.adnxs.com adventori.com www.googleadservices.com bat.bing.com *.salecycle.com *.doubleclick.net *.hotjar.com redirect3536.tagcommander.com *.oppwa.com oppwa.com checkoutshopper-live.adyen.com checkoutshopper-test.adyen.com *.klarnaevt.com *.klarna.com *.klarnacdn.com *.klarnacdn.net qanda.decathlon.com wurfl.io *.commandersact.com translate.google.com nxtck.com onepay-ui.decathlon.net *.contentsquare.net *.contentsquare.com www.youtube.com wss://*.hotjar.com *.loadbee.com *.decathlon.net via.batch.com *.dynamicyield.com *.klarnaservices.com *.onepay-v2-commons-prod-0ywm.decathlon.io screencapture.kampyle.com screencapture-cdn.kampyle.com sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com md-scp.kampyle.com resources.digital-cloud-west.medallia.com pay.google.com/gp/p/js/pay.js applepay.cdn-apple.com rum.browser-intake-datadoghq.eu session-replay.browser-intake-datadoghq.eu logs.browser-intake-datadoghq.eu logs.browser-intake-datadoghq.com browser-intake-datadoghq.eu safesizepublic.ucscentral.com google.com/pay tags.creativecdn.com second-life-xps.secondlifebff-prod-bkpr.decathlon.io *.dotomi.com cdn.amplitude.com api.amplitude.com api2.amplitude.com pay.datatrans.com view.publitas.com scripts.publitas.com js.stripe.com *.js.stripe.com *.c360a.salesforce.com analytics.tiktok.com www.dwin1.com cdn.mookie1.com *.outbrain.com *.pinimg.com snap.licdn.com *.adition.com unpkg.com www.decathlon.be *.retailrocket.net *.cloudfront.net *.serving-sys.com static.zdassets.com widget-mediator.zopim.com *.yimg.com *.ligatus.com www.zenaps.com the.sciencebehindecommerce.com t.contentsquare.net contentsquare.com script.google.com *.jsdelivr.net *.cloudflare.com script.googleusercontent.com decathlon.fr *.numerized.com *.syteapi.com syteapi.com exif-remover-eu.s3.amazonaws.com *.mopinion.com syte-client-inspo.s3.eu-central-1.amazonaws.com deploy.mopinion.com plugin.prod.buyfive.co api.prod.buyfive.co act-eu.rd.linksynergy.com resources.dev.buyfive.co player.vimeo.com *.buyfive.tech console.rul.ai www.youtube.com/player_api resources.prod.buyfive.co js.adsrvr.org/ insight.adsrvr.org/ match.adsrvr.org/ thetradedesk.com/ googleads.g.doubleclick.net/ cm.g.doubleclick.net/ stats.g.doubleclick.net/ campaignmanager.google.com/ s2.adform.net/ a1.adform.net/ flow.adform.com/ one.zemanta.com/ p1.zemanta.com/ p.teads.tv/teads-fellow.js js-tag.zemanta.com/zcpt.js track.adform.net/Serving/TrackPoint/ rtb-csync.smartadserver.com/redir sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ criteo-sync.teads.tv/um cm.adform.net/pixel criteo-partners.tremorhub.com/sync sync-criteo.ads.yieldmo.com/sync affiliation.decathlon.be/ *.smart-tribune.com https://apps.mypurecloud.de ct.pinterest.com;connect-src 'self' *.google-analytics.com *.analytics.google.com *.abtasty.com *.y-track.com *.woosmap.com *.brightcove.com *.brightcovecdn.com *.paypal.com *.braintree-api.com *.braintreegateway.com *.decathlon.net *.decathlon.com *.booxi.eu api.privacy-center.org www.facebook.com *.doubleclick.net bat.bing.com api.booxi.eu bf97725pbp.bf.dynatrace.com *.hotjar.com *.hotjar.io *.oppwa.com oppwa.com *.brightcove.net checkoutshopper-live.adyen.com checkoutshopper-test.adyen.com *.klarnaevt.com *.klarna.com *.klarnacdn.com *.klarnacdn.net qanda.decathlon.com booxi-api-be.appspot.com booxi-api.appspot.com sync.commander1.com *.boltdns.net *.akamaihd.net *.contentsquare.net tracking-api-4lasu2nlcq-ew.a.run.app *.googleapis.com wss://*.hotjar.com www.googletagmanager.com via.batch.com ws.batch.com *.dynamicyield.com *.dynamicyield.eu *.klarnaservices.com *.onepay-v2-commons-prod-0ywm.decathlon.io sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com md-scp.kampyle.com resources.digital-cloud-west.medallia.com analytics-fe.digital-cloud-west.medallia.com www.google.com/pay signin.easyence.tech google.com/pay pay.google.com ams.creativecdn.com rum.browser-intake-datadoghq.eu session-replay.browser-intake-datadoghq.eu logs.browser-intake-datadoghq.eu logs.browser-intake-datadoghq.com browser-intake-datadoghq.eu second-life-xps.secondlifebff-prod-bkpr.decathlon.io cdn.amplitude.com api.amplitude.com api2.amplitude.com api.stripe.com *.c360a.salesforce.com sslwidget.criteo.com measurement-api.criteo.com analytics.tiktok.com www.decathlon.be *.retailrocket.net ekr.zdassets.com *.zendesk.com wss://widget-mediator.zopim.com *.salecycle.com wss://*.salecycle.com s.yimg.com the.sciencebehindecommerce.com script.google.com script.googleusercontent.com decathlon.fr *.numerized.com cache-api-6y24sun4va-ew.a.run.app settings.luckyorange.net *.syteapi.com syteapi.com exif-remover-eu.s3.amazonaws.com syte-client-inspo.s3.eu-central-1.amazonaws.com api.prod.buyfive.co *.mopinion.com act-eu.rd.linksynergy.com plugin.prod.buyfive.co maintenance.decathlon.be vimeo.com *.buyfive.tech console.rul.ai spreadsheets.google.com resources.prod.buyfive.co fpc.decathlon.be t.teads.tv/track cm.teads.tv/v2/advertiser https://api-cdn.mypurecloud.de wss://webmessaging.mypurecloud.de https://api.mypurecloud.de https://fileupload.mypurecloud.de https://apps.mypurecloud.de/cobrowse-next/ wss://cobrowse-v2.mypurecloud.de https://www.google.com/pagead/landing ct.pinterest.com;img-src 'self' data: blob: *.decathlon.com *.cube-net.org *.cube-net.pub contents.mediadecathlon.com *.google-analytics.com *.googletagmanager.com *.brightcove.com *.brightcove.net *.brightcovecdn.com *.paypal.com prod-wt.aws.y-track.com manager.tagcommander.com *.googleapis.com *.abtasty.com *.woosmap.com www.facebook.com www.google.com www.google.es www.google.fr www.google.it www.google.nl www.google.be www.google.pl *.doubleclick.net bat.bing.com *.gstatic.com sync.commander1.com *.atdmt.com tag.goldenbees.fr *.crm4d.com *.adsrvr.org *.adnxs.com sdk.privacy-center.org checkoutshopper-live.adyen.com checkoutshopper-test.adyen.com *.klarnaevt.com *.klarna.com *.klarnacdn.com *.klarnacdn.net voucher.decathlon.net apigift.decathlon.com site.booxi.com www.mediadecathlon.com *.boltdns.net *.mediadecathlon.com *.contentsquare.net *.googleadservices.com adservice.google.com wss://*.hotjar.com via.batch.com ws.batch.com icons.batch.com *.onepay-v2-commons-prod-0ywm.decathlon.io screencaptue-cdn.kampyle.com udc-neb.kampyle.com nebula-cdn.kampyle.com resources.digital-cloud-west.medallia.com cdn-workshop-pop.decathlon.net *.dotomi.com pay.datatrans.com onepay-widget.decathlon.net *.dynamicyield.com *.klarnaservices.com bcboltbde696aa-a.akamaihd.net *.criteo.com analytics.tiktok.com ams.creativecdn.com *.linkedin.com *.outbrain.com sync.adotmob.com prod.y-medialink.com sp.analytics.yahoo.com ext.ligatus.com www.zenaps.com www.decathlon.fr assets.sc-trc.com www.awin1.com www.decathlon.be decathlon.fr *.syteapi.com syteapi.com exif-remover-eu.s3.amazonaws.com syte-client-inspo.s3.eu-central-1.amazonaws.com resources.prod.buyfive.co plugin.prod.buyfive.co *.buyfive.tech console.rul.ai i.ytimg.com assets.decathlon.site www.tribord.tm.fr l.teads.tv/performance/http-source t.teads.tv/track p1.zemanta.com/v2/p/js/57641/PAGE_VIEW/ pixel.rubiconproject.com/tap.php ad.360yield.com/match contextual.media.net/cksync.php rtb-csync.smartadserver.com/redir/ criteo-sync.teads.tv/um cm.adform.net/pixel criteo-partners.tremorhub.com/sync ad.yieldlab.net/m sync-criteo.ads.yieldmo.com/sync server.seadform.net/serving/cookie/sync/ smart-tribune.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ ct.pinterest.com;style-src 'self' 'unsafe-inline' www.booxi.eu fonts.googleapis.com *.decathlon.com *.oppwa.com oppwa.com checkoutshopper-live.adyen.com checkoutshopper-test.adyen.com *.klarnaevt.com *.klarna.com *.klarnacdn.com *.abtasty.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.mediadecathlon.com wss://*.hotjar.com scripts.publitas.com *.klarnacdn.net *.onepay-v2-commons-prod-0ywm.decathlon.io screencaptue-cdn.kampyle.com nebula-cdn.kampyle.com md-scp.kampyle.com resources.digital-cloud-west.medallia.com second-life-xps.secondlifebff-prod-bkpr.decathlon.io storage.googleapis.com/sl-front-xp-bucket-4v-tmoq/account/ storage.googleapis.com/sphere-assets-prod-71-hbfe/ onepay-widget.decathlon.net pay.datatrans.com *.dynamicyield.com *.dynamicyield.eu *.criteo.com *.cube-net.org *.cube-net.pub 9152527.fls.doubleclick.net cdn.rawgit.com cdn.retailrocket.net cdnjs.cloudflare.com decathlon-be-fr--tst2.custhelp.com decathlon-be-fr--tst2.widget.custhelp.com decathlon-be-fr.custhelp.com decathlon-be-nl--tst2.custhelp.com decathlon-be-nl--tst2.widget.custhelp.com decathlon-be-nl.custhelp.com fonts.gstatic.com maxcdn.bootstrapcdn.com qanda.decathlon.com rrstatic.retailrocket.net unpkg.com www.googletagmanager.com *.syteapi.com syteapi.com exif-remover-eu.s3.amazonaws.com syte-client-inspo.s3.eu-central-1.amazonaws.com resources.prod.buyfive.co *.mopinion.com plugin.prod.buyfive.co *.buyfive.tech console.rul.ai smart-tribune.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cobrowse-v2.mypurecloud.de;font-src 'self' data: *.decathlon.com fonts.gstatic.com *.oppwa.com oppwa.com *.abtasty.com qanda.decathlon.com *.googleapis.com *.gstatic.com *.klarnacdn.net *.onepay-v2-commons-prod-0ywm.decathlon.io nebula-cdn.kampyle.com resources.digital-cloud-west.medallia.com cdn-workshop-pop.decathlon.net second-life-xps.secondlifebff-prod-bkpr.decathlon.io *.dynamicyield.com *.dynamicyield.eu *.cube-net.org *.cube-net.pub maxcdn.bootstrapcdn.com www.decathlon.be resources.prod.buyfive.co *.buyfive.tech console.rul.ai smart-tribune.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cobrowse-v2.mypurecloud.de https://www.booxi.eu;object-src view.publitas.com;base-uri 'self';worker-src 'self' blob: via.batch.com;media-src 'self' blob: secure.brightcove.com *.brightcove.com *.brightcove.net *.boltdns.net *.mediadecathlon.com *.criteo.com bcboltbde696aa-a.akamaihd.net *.akafms.net *.akamaihd.net static.zdassets.com www.decathlon.fr decathlon.fr resources.prod.buyfive.co *.buyfive.tech console.rul.ai;frame-src 'self' *.youtube.com www.google.com/recaptcha/ saas.trylive.com/ site.booxi.eu/ reviews.decathlon.com www.facebook.com *.doubleclick.net *.atdmt.com c.paypal.com checkout.paypal.com www.paypal.com *.hotjar.com *.oppwa.com oppwa.com *.brightcove.net checkoutshopper-live.adyen.com checkoutshopper-test.adyen.com *.klarnaevt.com *.klarna.com *.klarnacdn.com qanda.decathlon.com reviews-collect-eu.satisphere.decathlon.net *.mediadecathlon.com view.publitas.com www.pinterest.com *.abtasty.com *.decathlon.net wss://*.hotjar.com screencapture.kampyle.com nebula-cdn.kampyle.com resources.digital-cloud-west.medallia.com pay.google.com safesizepublic.ucscentral.com *.klarnaservices.com *.creativecdn.com pay.datatrans.com js.stripe.com *.js.stripe.com hooks.stripe.com gum.criteo.com fledge.eu.criteo.com www.googletagmanager.com csxd.contentsquare.net decathlon-be-fr--tst2.custhelp.com *.salecycle.com www.zenaps.com embed.windy.com decathlon-be-fr.custhelp.com helpfr.decathlon.be decathlon-be-nl.custhelp.com helpnl.decathlon.be www.youtube-nocookie.com player.vimeo.com console.rul.ai www.pinterest.fr form.jotform.com submit.jotformeu.com c1.adform.net/ insight.adsrvr.org/ https://apps.mypurecloud.de/messenger/messenger.html https://apps.mypurecloud.de/messenger/messenger-renderer.html https://apps.mypurecloud.de/cobrowse-next/sharer-toolbar.html https://www.booxi.eu;frame-ancestors 'self'; |
| Server | cloudflare |
| Referrer-Policy | no-referrer-when-downgrade |
| X-Permitted-Cross-Domain-Policies | master-only |
| Date | Sat, 19 Apr 2025 12:18:38 GMT |
| Connection | keep-alive |
| X-Content-Type-Options | nosniff |
| Set-Cookie | PLAY_LANG=nl; Max-Age=64000; Expires=Sun, 20 Apr 2025 06:05:18 GMT; Path=/; HTTPOnly |
| Strict-Transport-Security | max-age=15768000; includeSubDomains; preload |
| Cf-Cache-Status | DYNAMIC |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar