| Header Name | Header Data |
|---|---|
| HTTP status code | 200 |
| Server | cloudflare |
| Date | Mon, 07 Apr 2025 19:06:33 GMT |
| Cache-Control | private, no-cache, no-store, max-age=0, must-revalidate |
| Link | <https://contents.mediadecathlon.com>; rel=preconnect, </_next/static/media/a34f9d1faa5f3315-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/css/b2350b346a37e864.css>; rel=preload; as="style", </_next/static/css/21e4cc677e0cee24.css>; rel=preload; as="style", </_next/static/css/e93b2468fd9fd10a.css>; rel=preload; as="style", </_next/static/css/55a727c937281f7a.css>; rel=preload; as="style", </_next/static/css/5c35c0babb8d3a51.css>; rel=preload; as="style", </_next/static/css/e66fab2ea3d15742.css>; rel=preload; as="style", </_next/static/css/6c16839d23cf85e8.css>; rel=preload; as="style", </_next/static/css/62164656b7a51c9b.css>; rel=preload; as="style", </_next/static/css/a29b0094e18c0226.css>; rel=preload; as="style", </_next/static/css/4b18dd06e5711e31.css>; rel=preload; as="style", </_next/static/css/2d59e79be421f846.css>; rel=preload; as="style", </_next/static/css/54d3f35b92c0fab0.css>; rel=preload; as="style", </_next/static/css/320fa5446195f7c8.css>; rel=preload; as="style", </_next/static/css/f4f91c3701b78e2d.css>; rel=preload; as="style", </_next/static/css/68c5cdcf203bb656.css>; rel=preload; as="style", </_next/static/css/279c421ae099f206.css>; rel=preload; as="style", </_next/static/css/34c5ae42bca0f93e.css>; rel=preload; as="style", </_next/static/css/ab360b8b8297df11.css>; rel=preload; as="style", </_next/static/css/2182f00ca45f24d6.css>; rel=preload; as="style", </_next/static/css/6b2e147b98430c5c.css>; rel=preload; as="style", </_next/static/css/8eb9ae7eab9cf780.css>; rel=preload; as="style", </_next/static/css/abb51fec0491f2f3.css>; rel=preload; as="style", </_next/static/css/364be50eaaa37b39.css>; rel=preload; as="style", </_next/static/css/6a860848a60a7c31.css>; rel=preload; as="style", </_next/static/css/fb29e63993d34218.css>; rel=preload; as="style", </_next/static/css/5ec1ab06d7b579e4.css>; rel=preload; as="style", </_next/static/css/bf487c72759060df.css>; rel=preload; as="style", </_next/static/css/8b6bb99db14bd8c3.css>; rel=preload; as="style", </_next/static/css/35e8384d80b23f41.css>; rel=preload; as="style", </_next/static/css/f3e9d7a025c19250.css>; rel=preload; as="style", </_next/static/css/dca0f7167ccbd9eb.css>; rel=preload; as="style", </_next/static/css/08e4af089cd43ad2.css>; rel=preload; as="style", </_next/static/css/49b3d797f2bf6570.css>; rel=preload; as="style", </_next/static/css/a9ce805d315eadb9.css>; rel=preload; as="style", </_next/static/css/0e5a571e4b21d37a.css>; rel=preload; as="style", </_next/static/css/1391f82e80c5dfea.css>; rel=preload; as="style", </_next/static/css/1939a6bdbcea21ab.css>; rel=preload; as="style", </_next/static/css/0bcb832a4e5ad562.css>; rel=preload; as="style", </_next/static/css/1138030f912ae45a.css>; rel=preload; as="style", </_next/static/css/5056ab92dab70809.css>; rel=preload; as="style", </_next/static/css/9f2afadeb99831a5.css>; rel=preload; as="style", </_next/static/css/1036451194edf4e9.css>; rel=preload; as="style", </_next/static/css/238f9102e70f514e.css>; rel=preload; as="style" |
| X-Url | https://www.decathlon.co.uk/ |
| Set-Cookie | AUTH_STATE=eyJhcHAiOiJXTkYifQ%3D%3D; Path=/; Expires=Tue, 22 Apr 2025 19:06:32 GMT; Max-Age=1296000; Secure; HttpOnly; SameSite=lax |
| Strict-Transport-Security | max-age=15768000; includeSubDomains; preload |
| Accept-Ch | Viewport-Width, Sec-CH-Viewport-Width |
| X-Forwarded-Host | www.decathlon.co.uk |
| X-Middleware-Rewrite | /en/ |
| Content-Type | text/html; charset=utf-8 |
| Cf-Ray | 92cbcd833b028477-AMS |
| Vary | RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding |
| Content-Security-Policy | default-src 'self'; connect-src 'self' insights.v3.decathlon.net insights.decathlon.net *.booxi.eu wurfl.io *.onebooking-widget.ig1.activities-stg.activities-stg-pbst.decathlon.io *.booking.decathlon.net players.brightcove.net edge.api.brightcove.com *.boltdns.net *.akamaihd.net secondlife-apps.decathlon.net secondlife-apps.preprod.decathlon.net second-life-xps.secondlifebff-prod-bkpr.decathlon.io *.privacy-center.org browser-intake-datadoghq.eu gb-gtm-t4wkq78s-9xm5.nw.r.appspot.com maps.googleapis.com maps.gstatic.com *.google-analytics.com www.google.com js.klarna.com na.klarnaevt.com eu.klarnaevt.com *.kampyle.com *.medallia.eu *.medallia.com onepay-widget.decathlon.net widget.onepay.preprod.decathlon.net api-eu.decathlon.net api-eu.preprod.decathlon.net api.decathlon.net compatible-spare-parts.preprod.decathlon.com compatible-spare-parts.decathlon.com *.woosmap.com the.sciencebehindecommerce.com *.wepowerconnections.com bat.bing.com bat.bing.net *.contentsquare.net *.dotomi.com *.y-track.com www.facebook.com pagead2.googlesyndication.com www.google.com www.googleadservices.com googleads.g.doubleclick.net stats.g.doubleclick.net www.google.co.uk px.ads.linkedin.com production.neocomapp.com api.production.neocomapp.com prompts.api.production.neocomapp.com identifier.api.production.neocomapp.com www.redditstatic.com www.reddit.com conversions-config.reddit.com t.teads.tv cm.teads.tv analytics.tiktok.com ads-twitter.com ads-api.twitter.com analytics.twitter.com; script-src 'self' 'unsafe-inline' prod.transcript.decathlon.net *.booxi.eu wurfl.io *.onebooking-widget.ig1.activities-stg.activities-stg-pbst.decathlon.io *.booking.decathlon.net 'unsafe-eval' players.brightcove.net vjs.zencdn.net secondlife-apps.decathlon.net secondlife-apps.preprod.decathlon.net second-life-xps.secondlifebff-prod-bkpr.decathlon.io https://challenges.cloudflare.com *.privacy-center.org maps.googleapis.com maps.gstatic.com *.googletagmanager.com js.klarna.com *.kampyle.com *.medallia.eu *.medallia.com onepay-widget.decathlon.net widget.onepay.preprod.decathlon.net api-eu.decathlon.net api-eu.preprod.decathlon.net api.decathlon.net *.decathlon.net storage.googleapis.com *.woosmap.com www.dwin1.com *.awin1.com *.ad4m.at *.zenaps.com the.sciencebehindecommerce.com *.solocpm.com *.tangooserver.com *.mainadv.com *.sddan.com *.adnxs.com cdn.preciso.net preciso.net *.2trk.info ad4m.at *.adform.net bat.bing.com bat.bing.net t.contentsquare.net app.contentsquare.com *.dotomi.com *.dynamicyield.com *.y-track.com connect.facebook.net pay.google.com www.googleadservices.com googleads.g.doubleclick.net www.google.com stats.g.doubleclick.net snap.licdn.com production.neocomapp.com www.redditstatic.com www.reddit.com p.teads.tv analytics.tiktok.com static.ads-twitter.com; style-src 'self' 'unsafe-inline' *.booxi.eu *.onebooking-widget.ig1.activities-stg.activities-stg-pbst.decathlon.io *.booking.decathlon.net players.brightcove.net secondlife-apps.decathlon.net secondlife-apps.preprod.decathlon.net second-life-xps.secondlifebff-prod-bkpr.decathlon.io www.googletagmanager.com *.klarnacdn.net *.kampyle.com *.medallia.eu *.medallia.com onepay-widget.decathlon.net widget.onepay.preprod.decathlon.net api.decathlon.net storage.googleapis.com fonts.googleapis.com; img-src 'self' blob: data: *.booxi.eu *.onebooking-widget.ig1.activities-stg.activities-stg-pbst.decathlon.io *.booking.decathlon.net players.brightcove.net *.boltdns.net *.akamaihd.net *.brightcove.com *.privacy-center.org maps.googleapis.com maps.gstatic.com www.googletagmanager.com *.g.doubleclick.net fonts.gstatic.com prod.y-medialink.com *.kampyle.com *.medallia.eu *.medallia.com onepay-widget.decathlon.net widget.onepay.preprod.decathlon.net api.decathlon.net onestore-cdn.decathlon.net storage.googleapis.com contents.mediadecathlon.com *.woosmap.com *.awin1.com *.ad4m.at *.zenaps.com *.solocpm.com *.tangooserver.com *.mainadv.com *.sddan.com *.adnxs.com preciso.net *.2trk.info *.adform.net bat.bing.com bat.bing.net *.contentsquare.net *.dotomi.com *.y-track.com www.facebook.com googleads.g.doubleclick.net www.google.com google.com translate.google.com www.google.co.uk px.ads.linkedin.com www.redditstatic.com www.reddit.com alb.reddit.com t.teads.tv cm.teads.tv l.teads.tv ads-twitter.com ads-api.twitter.com analytics.twitter.com t.co; font-src 'self' data: *.booxi.eu *.onebooking-widget.ig1.activities-stg.activities-stg-pbst.decathlon.io *.booking.decathlon.net secondlife-apps.decathlon.net secondlife-apps.preprod.decathlon.net second-life-xps.secondlifebff-prod-bkpr.decathlon.io fonts.gstatic.com *.klarnacdn.net *.kampyle.com *.medallia.eu *.medallia.com onepay-widget.decathlon.net widget.onepay.preprod.decathlon.net api.decathlon.net production.neocomapp.com; frame-src 'self' *.booxi.eu *.onebooking-widget.ig1.activities-stg.activities-stg-pbst.decathlon.io *.booking.decathlon.net players.brightcove.net https://challenges.cloudflare.com www.googletagmanager.com osm.klarnaservices.com js.klarna.com *.kampyle.com *.medallia.eu *.medallia.com https://custhelp.decathlon.co.uk compatible-spare-parts.preprod.decathlon.com compatible-spare-parts.decathlon.com reviews.decathlon.com reviews.preprod.decathlon.com *.decathlon.net *.awin1.com *.ad4m.at *.zenaps.com *.solocpm.com *.tangooserver.com *.mainadv.com *.sddan.com *.adnxs.com ad4m.at ban.2trk.info cdn.preciso.net *.adform.net bid.g.doubleclick.net td.doubleclick.net cm.g.doubleclick.net production.neocomapp.com p.teads.tv fledge.teads.tv; media-src 'self' blob: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com; object-src 'none'; base-uri 'self' *.kampyle.com https://custhelp.decathlon.co.uk *.woosmap.com; form-action 'self'; frame-ancestors 'self' https://gcp-na-app.contentstack.com; worker-src 'self' blob:; block-all-mixed-content; upgrade-insecure-requests; |
| X-Forwarded-Port | 443 |
| Connection | keep-alive |
| Cf-Cache-Status | DYNAMIC |
| Dkt-Ecom-Origin | web-navigate-front |
| Dkt-Ecom-Xp | revamp |
| X-Nonce | YjczN2ExZDItNmMxMS00NTU3LWI1ZWEtZjY1YmU2MTJlODI1 |
By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.
This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.
We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.
Watch it now at TrustRadar