login.decathlon.net Open in urlscan Pro
2606:4700:4400::ac40:925c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://account.decathlon.com/
Effective URL:
https://login.decathlon.net/?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc-4773-9634-104ccc577...
Submission: On August 05 via automatic, source certstream-suspicious (August 5th 2024, 1:35:48 am UTC) — Scanned from DE

Summary HTTP 29 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 29 HTTP transactions. The main IP is 2606:4700:4400::ac40:925c, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.decathlon.net. The Cisco Umbrella rank of the primary domain is 452143.
TLS certificate: Issued by WE1 on June 23rd 2024. Valid for: 3 months.

This is the only time login.decathlon.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:440... 2606:4700:4400::6812:262c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:225... 2600:9000:225b:a000:d:c8b9:46c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.33.219.205 13.33.219.205	16509 (AMAZON-02) (AMAZON-02)
1 5	2606:4700:440... 2606:4700:4400::ac40:903c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:440... 2606:4700:4400::ac40:920b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:440... 2606:4700:4400::ac40:925c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:5e29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:5f29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	11

8 2606:4700:4400::6812:262c (United States)

ASN13335 (CLOUDFLARENET, US)

account.decathlon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:225b:a000:d:c8b9:46c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

deploy.mopinion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.219.205 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-219-205.fra60.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::ac40:903c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

accounts.decathlon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:920b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api-global.decathlon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::ac40:925c (United States)

ASN13335 (CLOUDFLARENET, US)

login.decathlon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:5e29 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:5f29 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	decathlon.com 1 redirects account.decathlon.com accounts.decathlon.com — Cisco Umbrella Rank: 703430	837 KB
6	decathlon.net 1 redirects api-global.decathlon.net — Cisco Umbrella Rank: 184380 login.decathlon.net — Cisco Umbrella Rank: 452143	72 KB
3	mopinion.com deploy.mopinion.com — Cisco Umbrella Rank: 41464	14 KB
2	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 3877	15 KB
2	google.com www.google.com — Cisco Umbrella Rank: 10	1 KB
1	gstatic.com www.gstatic.com	212 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2536	51 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	84 KB
29	8

	Domain	Requested by
8	account.decathlon.com	account.decathlon.com
5	login.decathlon.net	account.decathlon.com login.decathlon.net
5	accounts.decathlon.com	1 redirects www.datadoghq-browser-agent.com
3	deploy.mopinion.com	www.googletagmanager.com www.datadoghq-browser-agent.com
2	challenges.cloudflare.com	login.decathlon.net challenges.cloudflare.com
2	www.google.com	account.decathlon.com www.gstatic.com
1	api-global.decathlon.net	1 redirects
1	www.gstatic.com	www.google.com
1	www.datadoghq-browser-agent.com	account.decathlon.com
1	www.googletagmanager.com	account.decathlon.com
29	10

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
account.decathlon.com WE1	`2024-08-05` - `2024-11-03`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.mopinion.com RapidSSL TLS ECC CA G1	`2023-07-24` - `2024-08-18`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-08-03`	a year	crt.sh
accounts.decathlon.com Cloudflare Inc ECC CA-3	`2023-10-15` - `2024-10-14`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
login.decathlon.net WE1	`2024-06-23` - `2024-09-21`	3 months	crt.sh
challenges.cloudflare.com E5	`2024-07-17` - `2024-10-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://login.decathlon.net/?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc-4773-9634-104ccc5773f5&dkt_ecom_xp=legacy
Frame ID: 075CAA4FB33F0406ACD6B5B5F1467075
Requests: 27 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LelYLkkAAAAAE527W1-X8OKtLlrLzmUW4HltsxF&co=aHR0cHM6Ly9hY2NvdW50LmRlY2F0aGxvbi5jb206NDQz&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=3zw3taiu6754
Frame ID: DC1D2AED20ED449D2324E567CF7F29C4
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/l5bt5/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: CDC9556D4C9D8A0AD8BA27A52E1AE911
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nur einen Moment…

Page URL History Show full URLs

https://account.decathlon.com/ Page URL
https://accounts.decathlon.com/myaccount_bff/auth/login?from=%2F%3F HTTP 302
https://api-global.decathlon.net/connect/oauth/authorize?response_type=code&dkt_ecom_xp=legacy&redirect_uri=h... HTTP 302
https://login.decathlon.net/?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc... Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

29
Requests

93 %
HTTPS

91 %
IPv6

8
Domains

10
Subdomains

11
IPs

2
Countries

1284 kB
Transfer

10288 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://account.decathlon.com/ Page URL
https://accounts.decathlon.com/myaccount_bff/auth/login?from=%2F%3F HTTP 302
https://api-global.decathlon.net/connect/oauth/authorize?response_type=code&dkt_ecom_xp=legacy&redirect_uri=https://accounts.decathlon.com/myaccount_bff/auth/callback&client_id=d62f39db-8e47-48f5-be48-43596222a4bf HTTP 302
https://login.decathlon.net/?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc-4773-9634-104ccc5773f5&dkt_ecom_xp=legacy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
account.decathlon.com/ 2 KB
2 KB 138ms
107ms Document
text/html 2606:4700:4400::6812:262c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.decathlon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:262c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d2d0580d4df407800c1b5b611448ebaef73875ce746eea6766b4393200465c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *.decathlon.(com|net)
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 8ae30d5a6bad362c-FRA
content-encoding: gzip
content-type: text/html
date: Mon, 05 Aug 2024 01:35:43 GMT
last-modified: Thu, 01 Aug 2024 08:24:35 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 console-config.js Show response
account.decathlon.com/ 440 B
557 B 65ms
64ms Script
application/javascript 2606:4700:4400::6812:262c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.decathlon.com/console-config.js

Requested by

Host: account.decathlon.com
URL: https://account.decathlon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:262c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b56ada2fed6541b414d4fa08e245c770e6ddbf4d5e2bc5cc0465d7783475e154

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://account.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 01 Aug 2024 09:05:53 GMT
server: cloudflare
content-encoding: gzip
etag: W/"66ab4ff1-1b8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *.decathlon.(com|net)
cache-control: no-cache, max-age=3600
cf-ray: 8ae30d5b1c2c362c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 index-BlGP-di4.js Show response
account.decathlon.com/assets/ 918 KB
246 KB 143ms
142ms Script
application/javascript 2606:4700:4400::6812:262c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.decathlon.com/assets/index-BlGP-di4.js

Requested by

Host: account.decathlon.com
URL: https://account.decathlon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:262c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0664710b7df9cdb207d34f02367e338710c0edb342b97d81971a6b6fb4f1beba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://account.decathlon.com/
Origin: https://account.decathlon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 01 Aug 2024 08:24:35 GMT
server: cloudflare
content-encoding: gzip
etag: W/"66ab4643-e5733"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *.decathlon.(com|net)
cache-control: no-cache, max-age=3600
cf-ray: 8ae30d5b1c2e362c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 index-CbqKp5p5.css
account.decathlon.com/assets/ 8 MB
564 KB 97ms
96ms Stylesheet
text/css 2606:4700:4400::6812:262c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.decathlon.com/assets/index-CbqKp5p5.css

Requested by

Host: account.decathlon.com
URL: https://account.decathlon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:262c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e155bd30f86a71c785fccf0e560a74c541d6b4063633f052a2761a5b8ad3a7b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://account.decathlon.com/
Origin: https://account.decathlon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 01 Aug 2024 08:24:35 GMT
server: cloudflare
content-encoding: gzip
etag: W/"66ab4643-7e9ee2"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *.decathlon.(com|net)
cache-control: no-cache, max-age=3600
cf-ray: 8ae30d5b1c31362c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 264 KB
84 KB 47ms
24ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZBLXJZ

Requested by

Host: account.decathlon.com
URL: https://account.decathlon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59546588aac43f94209389757fee2f8c0b1871aaeb8ddb63a5e7288a4b6effb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://account.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85747
x-xss-protection: 0
last-modified: Mon, 05 Aug 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Aug 2024 01:35:43 GMT

GET
H2 200 pastease.js Show response
deploy.mopinion.com/js/ 36 KB
12 KB 53ms
16ms Script
application/javascript 2600:9000:225b:a000:d:c8b9:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deploy.mopinion.com/js/pastease.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZBLXJZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:a000:d:c8b9:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / Pastea.se

Resource Hash

abe0a3c1be2902c648fb5be4ebe4377f5b328cd477ad18a46fd3394949bebd81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Aug 2024 00:35:49 GMT
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 3596
x-powered-by: Pastea.se
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 31 Jul 2024 07:39:21 GMT
server: nginx
etag: W/"91c2-19107bab028"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id: u3_b9HPc_0PaEcE_Yd5OLzYbOns7HcEfYQIyO-5pgUNKzJWlHpd_-w==

GET
H2 200 datadog-rum.js Show response
www.datadoghq-browser-agent.com/eu1/v5/ 159 KB
51 KB 38ms
8ms Script
application/javascript 13.33.219.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/eu1/v5/datadog-rum.js
Requested by: Host: account.decathlon.com
URL: https://account.decathlon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.219.205 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-219-205.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee4cd96d72ca2d21a8df21e2f76629df9ad636fc7ecd59d24825def20bc2ee0e

Request headers

Referer: https://account.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:44 GMT
content-encoding: br
via: 1.1 50d1552804e5c5074606d2b5a0eb8ef8.cloudfront.net (CloudFront)
last-modified: Mon, 29 Jul 2024 10:27:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 1
x-amz-server-side-encryption: AES256
etag: W/"4441739369b3c7e391d97a0c1ca55d63"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: SWrieDge5kBLltB7A7IDaDicCH3Gf35EB9FP4tzSNnkSPhzUJT8OGQ==

GET
H2 200 55UsRr74yaJEmo2F5LIT04PV9FFiFM43bFfGjMCj Show response
deploy.mopinion.com/config/ 766 B
1 KB 60ms
31ms XHR
application/json 2600:9000:225b:a000:d:c8b9:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deploy.mopinion.com/config/55UsRr74yaJEmo2F5LIT04PV9FFiFM43bFfGjMCj

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/eu1/v5/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:a000:d:c8b9:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / Pastea.se

Resource Hash

68eebe2e1ffca007e13fd0286f6c928cb1fffeb1808940669f9ddcb40b49088e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:31:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 a4a80ac7ffee78c042728f52e3f729e0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 266
x-powered-by: Pastea.se
x-cache: Hit from cloudfront
content-length: 766
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id: oVU5Y75mWxNQjahkKGPGFzmGWaErp-HuVCWabV3DESkpQX0PCMb3Hg==

GET
H2 200 55UsRr74yaJEmo2F5LIT04PV9FFiFM43bFfGjMCj Show response
deploy.mopinion.com/config/ 766 B
0 61ms
61ms XHR
application/json 2600:9000:225b:a000:d:c8b9:46c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://deploy.mopinion.com/config/55UsRr74yaJEmo2F5LIT04PV9FFiFM43bFfGjMCj

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/eu1/v5/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:a000:d:c8b9:46c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / Pastea.se

Resource Hash

68eebe2e1ffca007e13fd0286f6c928cb1fffeb1808940669f9ddcb40b49088e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:31:18 GMT
via: 1.1 a4a80ac7ffee78c042728f52e3f729e0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P1
age: 266
x-powered-by: Pastea.se
x-cache: Hit from cloudfront
content-length: 766
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-headers: Access-Control-Allow-Origin,X-Requested-With,Cache-Control,token,Content-Type,key,Origin
x-amz-cf-id: oVU5Y75mWxNQjahkKGPGFzmGWaErp-HuVCWabV3DESkpQX0PCMb3Hg==

GET
H3 200 country Show response
accounts.decathlon.com/myaccount_bff/members/me/profile/ 37 B
361 B 90ms
54ms Fetch
application/json 2606:4700:4400::ac40:903c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/myaccount_bff/members/me/profile/country

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/eu1/v5/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:903c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcd9367fd2d6b5ab4dbe1aa7c988c868284dee33a7636fd4ba25d77ed941af9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:44 GMT
x-correlation-id: 3d4032a5-8a28-430c-8032-a58a28e30c19
via: 1.1 google
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://account.decathlon.com
access-control-allow-credentials: true
cf-ray: 8ae30d5e8ebe3675-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
x-request-id: 3d4032a5-8a28-430c-8032-a58a28e30c19

GET
H3 200 favicon.png
account.decathlon.com/ 684 B
920 B 93ms
92ms Other
image/png 2606:4700:4400::6812:262c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.decathlon.com/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:262c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

107a093b1f90aead50423d01531cb635fc63a233f9172520cc6386be65a4b789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://account.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 684
last-modified: Thu, 01 Aug 2024 08:24:33 GMT
server: cloudflare
etag: "66ab4641-2ac"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *.decathlon.(com|net)
cache-control: no-cache, max-age=3600
accept-ranges: bytes
cf-ray: 8ae30d5f2f03362c-FRA

GET
H3 200 features Show response
accounts.decathlon.com/myaccount_bff/ 6 KB
1 KB 53ms
53ms Fetch
application/json 2606:4700:4400::ac40:903c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/myaccount_bff/features

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/eu1/v5/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:903c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

183a2e187a21e57d2442313ae5621569646e18d8483a5febc8ab7488d4909596

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:44 GMT
x-correlation-id: 79cb06cc-5bd4-49ec-8b06-cc5bd469ec51
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://account.decathlon.com
access-control-allow-credentials: true
cf-ray: 8ae30d5f2f113675-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: 79cb06cc-5bd4-49ec-8b06-cc5bd469ec51

GET
H3 200 homemade Show response
accounts.decathlon.com/myaccount_bff/features/ 531 B
488 B 50ms
50ms Fetch
application/json 2606:4700:4400::ac40:903c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/myaccount_bff/features/homemade

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/eu1/v5/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:903c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b310792bbfd37b4b474b46f4785eec6c5e6a1a860e10cc59978c4a3a5ab8b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:44 GMT
x-correlation-id: 3122f493-0494-4533-a2f4-930494e533bb
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://account.decathlon.com
access-control-allow-credentials: true
cf-ray: 8ae30d5f8f423675-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: 3122f493-0494-4533-a2f4-930494e533bb

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 35ms
19ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LelYLkkAAAAAE527W1-X8OKtLlrLzmUW4HltsxF

Requested by

Host: account.decathlon.com
URL: https://account.decathlon.com/assets/index-BlGP-di4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1a9c5601db805abb35b25abf8e2eb0df546edafd192a431fa6463db119257619

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 05 Aug 2024 01:35:44 GMT

GET
H3 200 en Show response
accounts.decathlon.com/myaccount_bff/translations/ 68 KB
20 KB 48ms
47ms Fetch
application/json 2606:4700:4400::ac40:903c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/myaccount_bff/translations/en

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/eu1/v5/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:903c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98c86d66ed3409c5451bb0afed874bc8cf09fc17698a6ce824e97ad5bc51cb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:44 GMT
x-correlation-id: 5c95e982-0e37-45e6-95e9-820e3795e6cc
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://account.decathlon.com
access-control-allow-credentials: true
cf-ray: 8ae30d5fdf773675-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: 5c95e982-0e37-45e6-95e9-820e3795e6cc

GET
H3 200 MyAccNotFoundView-B-9hXKh-.js
account.decathlon.com/assets/ 610 B
626 B 78ms
77ms Script
application/javascript 2606:4700:4400::6812:262c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.decathlon.com/assets/MyAccNotFoundView-B-9hXKh-.js

Requested by

Host: account.decathlon.com
URL: https://account.decathlon.com/assets/index-BlGP-di4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:262c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
Origin: https://account.decathlon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 01 Aug 2024 08:24:35 GMT
server: cloudflare
content-encoding: gzip
etag: W/"66ab4643-262"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *.decathlon.(com|net)
cache-control: no-cache, max-age=3600
cf-ray: 8ae30d5fdfb4362c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 MyAccErrorsSection-DQxbfbg3.js
account.decathlon.com/assets/ 995 B
756 B 75ms
75ms Script
application/javascript 2606:4700:4400::6812:262c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.decathlon.com/assets/MyAccErrorsSection-DQxbfbg3.js

Requested by

Host: account.decathlon.com
URL: https://account.decathlon.com/assets/index-BlGP-di4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:262c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
Origin: https://account.decathlon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 01 Aug 2024 08:24:35 GMT
server: cloudflare
content-encoding: gzip
etag: W/"66ab4643-3e3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *.decathlon.(com|net)
cache-control: no-cache, max-age=3600
cf-ray: 8ae30d5fdfb6362c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 MyAccErrorsSection-CzcmUK0W.css
account.decathlon.com/assets/ 979 B
511 B 60ms
60ms Stylesheet
text/css 2606:4700:4400::6812:262c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.decathlon.com/assets/MyAccErrorsSection-CzcmUK0W.css

Requested by

Host: account.decathlon.com
URL: https://account.decathlon.com/assets/index-BlGP-di4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:262c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://account.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 01 Aug 2024 08:24:35 GMT
server: cloudflare
content-encoding: gzip
etag: W/"66ab4643-3d3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *.decathlon.(com|net)
cache-control: no-cache, max-age=3600
cf-ray: 8ae30d5fdfb7362c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 recaptcha__de.js
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/ 533 KB
212 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LelYLkkAAAAAE527W1-X8OKtLlrLzmUW4HltsxF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account.decathlon.com/
Origin: https://account.decathlon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 16:28:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216180
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 04:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Aug 2025 16:28:35 GMT

GET
H2

403

Primary Request / Show response
login.decathlon.net/
Redirect Chain

https://accounts.decathlon.com/myaccount_bff/auth/login?from=%2F%3F
https://api-global.decathlon.net/connect/oauth/authorize?response_type=code&dkt_ecom_xp=legacy&redirect_uri=https://accounts.decathlon.com/myaccount_bff/auth/callback&client_id=d62f39db-8e47-48f5-b...
https://login.decathlon.net/?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc-4773-9634-104ccc5773f5&dkt_ecom_xp=legacy

19 KB
11 KB

52ms
14ms

Document
text/html

2606:4700:4400::ac40:925c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.decathlon.net/?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc-4773-9634-104ccc5773f5&dkt_ecom_xp=legacy

Requested by

Host: account.decathlon.com
URL: https://account.decathlon.com/assets/index-BlGP-di4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:925c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff89032ab4f10e66158d8eb2cf25eb01c87ba917bab2e32b2fbd9975f394bd60

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://account.decathlon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: 5AxFblb+imSwWHu+A76S4VxeKU4wLVdlXw09R19hPrLsv9+bfLg9/h3i+y9g7y/mK1aGukcYhNVELD3hZDB2KnhBJqGqZb9sIMg1aFInsZg81vF66+wpsXO9gVviWHc4qcEUJzc0FGKfsDaW+Zg5Pg==$+E4xmVebGuOF5sI4fRYmzQ==
cf-mitigated: challenge
cf-ray: 8ae30d615fd73826-FRA
content-encoding: gzip
content-security-policy: frame-ancestors none
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Mon, 05 Aug 2024 01:35:44 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-options: nosniff
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ae30d60cc3f2bdf-FRA
content-length: 0
date: Mon, 05 Aug 2024 01:35:44 GMT
expires: 0
location: https://login.decathlon.net?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc-4773-9634-104ccc5773f5&dkt_ecom_xp=legacy
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
x-correlation-id: 4dd63410-4ccc-4773-9634-104ccc5773f5
x-frame-options: DENY
x-request-id: 4dd63410-4ccc-4773-9634-104ccc5773f5
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame DC1D 0
0 39ms
29ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LelYLkkAAAAAE527W1-X8OKtLlrLzmUW4HltsxF&co=aHR0cHM6Ly9hY2NvdW50LmRlY2F0aGxvbi5jb206NDQz&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=3zw3taiu6754

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q2nU98VXwkQWMQzLbEFQwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.decathlon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Q2nU98VXwkQWMQzLbEFQwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Aug 2024 01:35:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 v1 Show response
login.decathlon.net/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 92 KB
35 KB 17ms
17ms Script
application/javascript 2606:4700:4400::ac40:925c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.decathlon.net/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8ae30d615fd73826

Requested by

Host: login.decathlon.net
URL: https://login.decathlon.net/?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc-4773-9634-104ccc5773f5&dkt_ecom_xp=legacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:925c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffdb753b4308ba9ddde47cfbc861b8b801193483ac49616a30c0dfc8be2e0908

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://login.decathlon.net/?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc-4773-9634-104ccc5773f5&dkt_ecom_xp=legacy&__cf_chl_rt_tk=cMss6FTr8zJjZU0EObk0v46ttAeZ0qQWEdIJ46I1kuo-1722821744-0.0.1.1-6526
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors none
content-encoding: gzip
server: cloudflare
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8ae30d61f8223826-FRA

GET
H3 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/8c81cb09042c/ 43 KB
15 KB 39ms
28ms Script
application/javascript 2606:4700::6812:5e29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/8c81cb09042c/api.js?onload=UYbeL2&render=explicit
Requested by: Host: login.decathlon.net
URL: https://login.decathlon.net/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8ae30d615fd73826
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25b1f543c4682618e2fff0c607d70a896ecfc080ce500c41ce00b7ffad0ec411

Request headers

Referer
Origin: https://login.decathlon.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:45 GMT
content-encoding: br
last-modified: Fri, 26 Jul 2024 18:15:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy: cross-origin
cf-ray: 8ae30d623b30972d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 403 favicon.ico
login.decathlon.net/ 5 KB
5 KB 13ms
13ms Image
text/html 2606:4700:4400::ac40:925c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.decathlon.net/favicon.ico

Requested by

Host: login.decathlon.net
URL: https://login.decathlon.net/?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc-4773-9634-104ccc5773f5&dkt_ecom_xp=legacy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:925c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5327b4e098e8b0a082ae3efa3f0808b5cdd03247b9a3e1d83055aa318c4f42dd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://login.decathlon.net/?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc-4773-9634-104ccc5773f5&dkt_ecom_xp=legacy
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors none
x-content-options: nosniff
content-encoding: gzip
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
cf-chl-out: ymmdAIkLFmBuvrgX6ig6IzYnKZRGTl70PoJ6kayoFTQKzBOdHAUVfxffEPrLv6f7gPMRBjj1efeYlazn54vrYqKehilQ/CNVXHK6QdpYJTJyzvc+jXk1cQGka3f3j6UdPh06usT+RgqAmdrCxvTOdg==$hp8iQBwAy0putS3uIQdCvw==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 8ae30d6228383826-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
BLOB 200
OK cfe85a74-e23c-4d97-9eb5-22a14eadd930
https://login.decathlon.net/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://login.decathlon.net/cfe85a74-e23c-4d97-9eb5-22a14eadd930
Requested by: Host: login.decathlon.net
URL: https://login.decathlon.net/?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc-4773-9634-104ccc5773f5&dkt_ecom_xp=legacy
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

Referer: https://login.decathlon.net/?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc-4773-9634-104ccc5773f5&dkt_ecom_xp=legacy
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

GET
H2 403 favicon.ico
login.decathlon.net/ 16 KB
7 KB 13ms
12ms Other
text/html 2606:4700:4400::ac40:925c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.decathlon.net/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:925c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c966d436812a160862ff864a5e3039a747aaf1a3ed41c26a9816554b29684d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://login.decathlon.net/?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc-4773-9634-104ccc5773f5&dkt_ecom_xp=legacy
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 01:35:45 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors none
x-content-options: nosniff
content-encoding: gzip
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
cf-chl-out: 6QIG/Ps9Wbw4+rIzp2ZM5SDNvSTQFR2XQB9PzYNGJGWnF6DaHiYT9oZMgQi37WhSquNyW/bsyGNWnjP1/l+d8F8+QaY4Q26QTs6Uv7T6X8XwdsUfKZZZuu/COmmSiXXasjYsbQCVCpoflZsSK1upaQ==$/dvqFN+DD4y4GNvWWpfdCQ==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 8ae30d62785a3826-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 8faca40cb397c6e Show response
login.decathlon.net/cdn-cgi/challenge-platform/h/b/flow/ov1/442905697:1722817690:NvuOj0a_7Kzii52P-4JX2p3ZnjsjUKAGYJEE2G9xkEE/8ae30d615fd73826/ 16 KB
13 KB 26ms
24ms XHR
text/plain 2606:4700:4400::ac40:925c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.decathlon.net/cdn-cgi/challenge-platform/h/b/flow/ov1/442905697:1722817690:NvuOj0a_7Kzii52P-4JX2p3ZnjsjUKAGYJEE2G9xkEE/8ae30d615fd73826/8faca40cb397c6e

Requested by

Host: login.decathlon.net
URL: https://login.decathlon.net/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8ae30d615fd73826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:925c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82e6b7c8cf8db712ed9a5339d4f43bf623f94aed1ca310faae56cea00494c355

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://login.decathlon.net/?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc-4773-9634-104ccc5773f5&dkt_ecom_xp=legacy
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
CF-Challenge: 8faca40cb397c6e
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 05 Aug 2024 01:35:45 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors none
content-encoding: gzip
server: cloudflare
x-frame-options: DENY
content-type: text/plain; charset=UTF-8
cf-ray: 8ae30d62d8853826-FRA
cf-chl-gen: MWMRRhbudrskVdCw9Z0bf2dzPpCBwCW7H7rFjvFD+oaPIxM2QggV1X7ZAgyEEkjzmTyEP3jxOA==$xdduhLOcYpxZasfl

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/l5bt5/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame CDC9 0
0 25ms
18ms Document
text/html 2606:4700::6812:5f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/l5bt5/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/8c81cb09042c/api.js?onload=UYbeL2&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8ae30d634e1abbeb-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 05 Aug 2024 01:35:45 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
BLOB 200
OK 02288387-2ff8-4e62-89d6-37b24c1ac50e
https://login.decathlon.net/ 80 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://login.decathlon.net/02288387-2ff8-4e62-89d6-37b24c1ac50e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400

Request headers

Referer: https://login.decathlon.net/?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc-4773-9634-104ccc5773f5&dkt_ecom_xp=legacy
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 80
Content-Type: text/javascript

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
accounts.decathlon.com/myaccount_bff/auth	1969-12-31 23:59:59	Name: original-path Value: %2F%3F
.decathlon.net/connect/	1970-01-20 22:55:17	Name: SESSION Value: MTJlZGE4ZjEtZTFjMC00NDI4LTk0ZTYtZjU1ZWRkNzQ4YzJk
.decathlon.net/connect	1970-01-20 22:55:17	Name: SESSION Value: MTJlZGE4ZjEtZTFjMC00NDI4LTk0ZTYtZjU1ZWRkNzQ4YzJk
account.decathlon.com/	1969-12-31 23:59:59	Name: myaccount_sticky_session Value: 77512725638a0c3f
.account.decathlon.com/	1970-01-20 22:33:43	Name: __cf_bm Value: 3gA0zOtZkFe2Lzk.6r3.sLb_b6SKMsMyVviRJ.f0FPE-1722821743-1.0.1.1-56fX3DPn.GX7tG1W7vmaawv7vLdhLlh78rr0QKomCu1gxneqFeb4Fs2F6LW9Moca9ExapQYe81SpBoyrarJNow
.account.decathlon.com/	1969-12-31 23:59:59	Name: __cfruid Value: 2a790a58a56888f7038f1f3a2ec59fe29fd8ab82-1722821743
account.decathlon.com/	1970-01-20 22:33:42	Name: _dd_s Value: rum=0&expire=1722822644064
account.decathlon.com/	1969-12-31 23:59:59	Name: ecom_platform Value: revamp
.api-global.decathlon.net/	1970-01-20 22:33:43	Name: __cf_bm Value: 8ffOguOvZXtY9mQM8cmrXhnVEMVZzCGx.Mlse643vag-1722821744-1.0.1.1-AVRm_H5mWkjhfM61aVvm25CmSgZbEM2jCmuhFqRw.STP7F3rcNTPYclvkvN9_5etkdCCFqaeadyuHTSYVEurZQ
.login.decathlon.net/	1970-01-20 22:33:43	Name: __cf_bm Value: Ke3ekqyYF40JLLnHja1f1hwFTFV4exL_y1ZV03YQsQU-1722821744-1.0.1.1-BmhECowAKsqeEw4TttSbCZgyHcIWo5AIymi0r7XRzZbUIH68YIgyad_ePSShfMPi5yrRtP3L_n1ibFmmLR.xVw

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://login.decathlon.net/?client_id=d62f39db-8e47-48f5-be48-43596222a4bf&correlation_id=4dd63410-4ccc-4773-9634-104ccc5773f5&dkt_ecom_xp=legacy Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://login.decathlon.net/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://login.decathlon.net/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.decathlon.com
accounts.decathlon.com
api-global.decathlon.net
challenges.cloudflare.com
deploy.mopinion.com
login.decathlon.net
www.datadoghq-browser-agent.com
www.google.com
www.googletagmanager.com
www.gstatic.com
13.33.219.205
2600:9000:225b:a000:d:c8b9:46c0:93a1
2606:4700:4400::6812:262c
2606:4700:4400::ac40:903c
2606:4700:4400::ac40:920b
2606:4700:4400::ac40:925c
2606:4700::6812:5e29
2606:4700::6812:5f29
2a00:1450:4001:806::2003
2a00:1450:4001:806::2008
2a00:1450:4001:808::2004
0664710b7df9cdb207d34f02367e338710c0edb342b97d81971a6b6fb4f1beba
0c966d436812a160862ff864a5e3039a747aaf1a3ed41c26a9816554b29684d8
107a093b1f90aead50423d01531cb635fc63a233f9172520cc6386be65a4b789
183a2e187a21e57d2442313ae5621569646e18d8483a5febc8ab7488d4909596
1a9c5601db805abb35b25abf8e2eb0df546edafd192a431fa6463db119257619
25b1f543c4682618e2fff0c607d70a896ecfc080ce500c41ce00b7ffad0ec411
3b310792bbfd37b4b474b46f4785eec6c5e6a1a860e10cc59978c4a3a5ab8b16
5327b4e098e8b0a082ae3efa3f0808b5cdd03247b9a3e1d83055aa318c4f42dd
59546588aac43f94209389757fee2f8c0b1871aaeb8ddb63a5e7288a4b6effb4
5d2d0580d4df407800c1b5b611448ebaef73875ce746eea6766b4393200465c4
68eebe2e1ffca007e13fd0286f6c928cb1fffeb1808940669f9ddcb40b49088e
82e6b7c8cf8db712ed9a5339d4f43bf623f94aed1ca310faae56cea00494c355
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
98c86d66ed3409c5451bb0afed874bc8cf09fc17698a6ce824e97ad5bc51cb88
abe0a3c1be2902c648fb5be4ebe4377f5b328cd477ad18a46fd3394949bebd81
b56ada2fed6541b414d4fa08e245c770e6ddbf4d5e2bc5cc0465d7783475e154
bcd9367fd2d6b5ab4dbe1aa7c988c868284dee33a7636fd4ba25d77ed941af9f
e155bd30f86a71c785fccf0e560a74c541d6b4063633f052a2761a5b8ad3a7b5
ee4cd96d72ca2d21a8df21e2f76629df9ad636fc7ecd59d24825def20bc2ee0e
f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400
ff89032ab4f10e66158d8eb2cf25eb01c87ba917bab2e32b2fbd9975f394bd60
ffdb753b4308ba9ddde47cfbc861b8b801193483ac49616a30c0dfc8be2e0908

login.decathlon.net Open in urlscan Pro 2606:4700:4400::ac40:925c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

93 %HTTPS

91 %IPv6

8 Domains

10 Subdomains

11 IPs

2 Countries

1284 kBTransfer

10288 kBSize

10 Cookies

1 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.decathlon.net Open in urlscan Pro
2606:4700:4400::ac40:925c Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

93 %
HTTPS

91 %
IPv6

8
Domains

10
Subdomains

11
IPs

2
Countries

1284 kB
Transfer

10288 kB
Size

10
Cookies

29 HTTP transactions
0 data transactions