decathlon.nl | Analytics by SecurityHeaders

HTTP Headers report for decathlon.nl

Header Name Header Data
HTTP status code 200
Cf-Ray 93298e4bd9fe9f75-AMS
Cf-Cache-Status DYNAMIC
Accept-Ch Viewport-Width, Sec-CH-Viewport-Width
X-Url https://www.decathlon.nl/
Content-Type text/html; charset=utf-8
Cache-Control private, no-cache, no-store, max-age=0, must-revalidate
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
Content-Security-Policy default-src 'self'; connect-src 'self' insights.v3.decathlon.net insights.decathlon.net *.booxi.eu wurfl.io *.onebooking-widget.ig1.activities-stg.activities-stg-pbst.decathlon.io *.booking.decathlon.net players.brightcove.net edge.api.brightcove.com *.boltdns.net *.akamaihd.net secondlife-apps.decathlon.net secondlife-apps.preprod.decathlon.net second-life-xps.secondlifebff-prod-bkpr.decathlon.io *.privacy-center.org browser-intake-datadoghq.eu gb-gtm-t4wkq78s-9xm5.nw.r.appspot.com maps.googleapis.com maps.gstatic.com *.google-analytics.com www.google.com js.klarna.com na.klarnaevt.com eu.klarnaevt.com *.kampyle.com *.medallia.eu *.medallia.com onepay-widget.decathlon.net widget.onepay.preprod.decathlon.net api-eu.decathlon.net api-eu.preprod.decathlon.net api.decathlon.net compatible-spare-parts.preprod.decathlon.com compatible-spare-parts.decathlon.com *.woosmap.com the.sciencebehindecommerce.com *.wepowerconnections.com bat.bing.com bat.bing.net *.contentsquare.net *.dotomi.com *.y-track.com www.facebook.com pagead2.googlesyndication.com www.google.com www.googleadservices.com googleads.g.doubleclick.net stats.g.doubleclick.net *.adform.net *.criteo.com www.decathlon.nl/routing/epsitech/ www.google.nl analytics.google.com *.google-analytics.com *.analytics.google.com datastudio.google.com d.impactradius-event.com utt.impactcdn.com *.ojrq.net decathlon-nl.sjv.io decathlon-nl.x8nb.net production.neocomapp.com api.production.neocomapp.com prompts.api.production.neocomapp.com identifier.api.production.neocomapp.com ct.pinterest.com *.creativecdn.com creativecdn.com *.igodigital.com analytics.tiktok.com; script-src 'self' 'unsafe-inline' prod.transcript.decathlon.net *.booxi.eu wurfl.io *.onebooking-widget.ig1.activities-stg.activities-stg-pbst.decathlon.io *.booking.decathlon.net 'unsafe-eval' players.brightcove.net vjs.zencdn.net secondlife-apps.decathlon.net secondlife-apps.preprod.decathlon.net second-life-xps.secondlifebff-prod-bkpr.decathlon.io https://challenges.cloudflare.com *.privacy-center.org maps.googleapis.com maps.gstatic.com *.googletagmanager.com js.klarna.com *.kampyle.com *.medallia.eu *.medallia.com onepay-widget.decathlon.net widget.onepay.preprod.decathlon.net api-eu.decathlon.net api-eu.preprod.decathlon.net api.decathlon.net preview-widget.onepay.preprod.decathlon.net preview-widget.onepay.decathlon.net *.decathlon.net storage.googleapis.com *.woosmap.com www.dwin1.com *.awin1.com *.ad4m.at *.zenaps.com the.sciencebehindecommerce.com *.solocpm.com *.tangooserver.com *.mainadv.com *.sddan.com *.adnxs.com cdn.preciso.net preciso.net *.2trk.info ad4m.at *.adform.net bat.bing.com bat.bing.net t.contentsquare.net app.contentsquare.com *.dotomi.com *.dynamicyield.com *.y-track.com connect.facebook.net pay.google.com www.googleadservices.com googleads.g.doubleclick.net www.google.com stats.g.doubleclick.net *.criteo.net *.criteo.com www.decathlon.nl/routing/epsitech/ datastudio.google.com d.impactradius-event.com utt.impactcdn.com *.ojrq.net decathlon-nl.sjv.io decathlon-nl.x8nb.net production.neocomapp.com pinterest.com *.pinimg.com ct.pinterest.com *.creativecdn.com creativecdn.com nova.collect.igodigital.com *.igodigital.com analytics.tiktok.com; style-src 'self' 'unsafe-inline' *.booxi.eu *.onebooking-widget.ig1.activities-stg.activities-stg-pbst.decathlon.io *.booking.decathlon.net players.brightcove.net secondlife-apps.decathlon.net secondlife-apps.preprod.decathlon.net second-life-xps.secondlifebff-prod-bkpr.decathlon.io www.googletagmanager.com *.klarnacdn.net *.kampyle.com *.medallia.eu *.medallia.com onepay-widget.decathlon.net widget.onepay.preprod.decathlon.net api.decathlon.net preview-widget.onepay.preprod.decathlon.net preview-widget.onepay.decathlon.net storage.googleapis.com fonts.googleapis.com; img-src 'self' blob: data: *.booxi.eu *.onebooking-widget.ig1.activities-stg.activities-stg-pbst.decathlon.io *.booking.decathlon.net players.brightcove.net *.boltdns.net *.akamaihd.net *.brightcove.com *.privacy-center.org maps.googleapis.com maps.gstatic.com www.googletagmanager.com *.g.doubleclick.net fonts.gstatic.com prod.y-medialink.com *.kampyle.com *.medallia.eu *.medallia.com onepay-widget.decathlon.net widget.onepay.preprod.decathlon.net api.decathlon.net onestore-cdn.decathlon.net storage.googleapis.com contents.mediadecathlon.com *.woosmap.com *.awin1.com *.ad4m.at *.zenaps.com *.solocpm.com *.tangooserver.com *.mainadv.com *.sddan.com *.adnxs.com preciso.net *.2trk.info *.adform.net bat.bing.com bat.bing.net *.contentsquare.net *.dotomi.com *.y-track.com www.facebook.com googleads.g.doubleclick.net www.google.com google.com translate.google.com *.criteo.net *.criteo.com www.decathlon.nl/routing/epsitech/ *.fls.doubleclick.net ad.doubleclick.net ade.googlesyndication.com www.google.nl *.google-analytics.com *.analytics.google.com play-lh.googleusercontent.com pinterest.com *.igodigital.com; font-src 'self' data: *.booxi.eu *.onebooking-widget.ig1.activities-stg.activities-stg-pbst.decathlon.io *.booking.decathlon.net secondlife-apps.decathlon.net secondlife-apps.preprod.decathlon.net second-life-xps.secondlifebff-prod-bkpr.decathlon.io fonts.gstatic.com *.klarnacdn.net *.kampyle.com *.medallia.eu *.medallia.com onepay-widget.decathlon.net widget.onepay.preprod.decathlon.net api.decathlon.net production.neocomapp.com; frame-src 'self' *.booxi.eu *.onebooking-widget.ig1.activities-stg.activities-stg-pbst.decathlon.io *.booking.decathlon.net players.brightcove.net https://challenges.cloudflare.com www.googletagmanager.com osm.klarnaservices.com js.klarna.com *.kampyle.com *.medallia.eu *.medallia.com https://help.decathlon.nl compatible-spare-parts.preprod.decathlon.com compatible-spare-parts.decathlon.com reviews.decathlon.com reviews.preprod.decathlon.com *.decathlon.net *.awin1.com *.ad4m.at *.zenaps.com *.solocpm.com *.tangooserver.com *.mainadv.com *.sddan.com *.adnxs.com ad4m.at ban.2trk.info cdn.preciso.net *.adform.net bid.g.doubleclick.net td.doubleclick.net cm.g.doubleclick.net *.criteo.com *.fls.doubleclick.net production.neocomapp.com pinterest.com ct.pinterest.com *.creativecdn.com creativecdn.com; media-src 'self' blob: *.brightcovecdn.com *.boltdns.net *.media.brightcove.com *.llnw.net *.llnwd.net *.akafms.net *.akamaihd.net *.cf.brightcove.com play-lh.googleusercontent.com; object-src 'none'; base-uri 'self' *.kampyle.com https://help.decathlon.nl *.woosmap.com; form-action 'self'; frame-ancestors 'self' https://gcp-na-app.contentstack.com; worker-src 'self' blob:; block-all-mixed-content; upgrade-insecure-requests;
Dkt-Ecom-Origin web-navigate-front
Date Sat, 19 Apr 2025 04:11:05 GMT
Connection keep-alive
Dkt-Ecom-Xp revamp
X-Middleware-Rewrite /nl/
X-Nonce MTFmODJiODctZmE3OS00NTM5LTk1YzctMGUwMGNlOWU0ODYw
Server cloudflare
Link <https://contents.mediadecathlon.com>; rel=preconnect, </_next/static/media/a34f9d1faa5f3315-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/css/e72c8739f9463b48.css>; rel=preload; as="style", </_next/static/css/9527c0ef378a2b18.css>; rel=preload; as="style", </_next/static/css/582b7362899ea7db.css>; rel=preload; as="style", </_next/static/css/55a727c937281f7a.css>; rel=preload; as="style", </_next/static/css/5c35c0babb8d3a51.css>; rel=preload; as="style", </_next/static/css/9cb5974ae6b19eba.css>; rel=preload; as="style", </_next/static/css/e4ae3302343deeb8.css>; rel=preload; as="style", </_next/static/css/a29b0094e18c0226.css>; rel=preload; as="style", </_next/static/css/7d8429fb6a7c3c11.css>; rel=preload; as="style", </_next/static/css/4b18dd06e5711e31.css>; rel=preload; as="style", </_next/static/css/2d59e79be421f846.css>; rel=preload; as="style", </_next/static/css/54d3f35b92c0fab0.css>; rel=preload; as="style", </_next/static/css/320fa5446195f7c8.css>; rel=preload; as="style", </_next/static/css/174fd5cfc650e9d4.css>; rel=preload; as="style", </_next/static/css/47133cc6edc5cc94.css>; rel=preload; as="style", </_next/static/css/e9152709c23ea155.css>; rel=preload; as="style", </_next/static/css/34c5ae42bca0f93e.css>; rel=preload; as="style", </_next/static/css/ab360b8b8297df11.css>; rel=preload; as="style", </_next/static/css/d419eeff35cf5370.css>; rel=preload; as="style", </_next/static/css/2182f00ca45f24d6.css>; rel=preload; as="style", </_next/static/css/7e764e5527f4e003.css>; rel=preload; as="style", </_next/static/css/4dc9107e60d179aa.css>; rel=preload; as="style", </_next/static/css/abb51fec0491f2f3.css>; rel=preload; as="style", </_next/static/css/364be50eaaa37b39.css>; rel=preload; as="style", </_next/static/css/6a860848a60a7c31.css>; rel=preload; as="style", </_next/static/css/fb29e63993d34218.css>; rel=preload; as="style", </_next/static/css/5ec1ab06d7b579e4.css>; rel=preload; as="style", </_next/static/css/bf487c72759060df.css>; rel=preload; as="style", </_next/static/css/8b6bb99db14bd8c3.css>; rel=preload; as="style", </_next/static/css/35e8384d80b23f41.css>; rel=preload; as="style", </_next/static/css/f53089b8ef1600c2.css>; rel=preload; as="style", </_next/static/css/dca0f7167ccbd9eb.css>; rel=preload; as="style", </_next/static/css/08e4af089cd43ad2.css>; rel=preload; as="style", </_next/static/css/e7cbd5ca4fdf097e.css>; rel=preload; as="style", </_next/static/css/5d1d2d72074aff3b.css>; rel=preload; as="style", </_next/static/css/0e5a571e4b21d37a.css>; rel=preload; as="style", </_next/static/css/1391f82e80c5dfea.css>; rel=preload; as="style", </_next/static/css/1939a6bdbcea21ab.css>; rel=preload; as="style", </_next/static/css/9791717919bf0419.css>; rel=preload; as="style", </_next/static/css/23dd805471ff0fb2.css>; rel=preload; as="style", </_next/static/css/1036451194edf4e9.css>; rel=preload; as="style", </_next/static/css/238f9102e70f514e.css>; rel=preload; as="style", </_next/static/css/1138030f912ae45a.css>; rel=preload; as="style", </_next/static/css/5056ab92dab70809.css>; rel=preload; as="style"
Set-Cookie _dyjsession=; Path=/; Expires=Sat, 19 Apr 2025 04:11:03 GMT; Max-Age=-1; Secure; HttpOnly; SameSite=lax
Vary RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding
X-Forwarded-Host www.decathlon.nl
X-Forwarded-Port 443

About the tool

By using SecurityHeaders.info, you can quickly identify missing or misconfigured headers and take steps to secure your website, improving both security and user confidence.

This tool is widely used by developers, security professionals, and organizations to ensure their websites adhere to best practices in web security.

We also have another analytic tool that is used for identifying popularity metrics, general information about the business, finding similar products and competitors, and much more.

Watch it now at TrustRadar