login.decathlon.net Open in urlscan Pro
2606:4700:4400::ac40:925c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.email.decathlon.be/?qs=f1768c8a8f3f8f596e771e1cccc1f21b0b4d87f9973f2c119ba0f266331d8951947d9f239b4766894a96396752c4...
Effective URL:
https://login.decathlon.net/?client_id=5a1b8ea3-cc60-40b8-a09e-f1cd4f3ded96&ui_locales=nl_BE&correlation_id=a0fb1799-b5b7-42...
Submission: On December 30 via api (December 30th 2024, 4:01:13 pm UTC) from BE — Scanned from US

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 1 countries across 9 domains to perform 65 HTTP transactions. The main IP is 2606:4700:4400::ac40:925c, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.decathlon.net. The Cisco Umbrella rank of the primary domain is 451157.
TLS certificate: Issued by WE1 on December 17th 2024. Valid for: 3 months.

This is the only time login.decathlon.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.165.244 13.111.165.244	14340 (SALESFORCE) (SALESFORCE)
15	2606:4700:440... 2606:4700:4400::6812:2467	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
2	35.190.42.188 35.190.42.188	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
6	2600:9000:251... 2600:9000:2510:4400:5:b7cc:d3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f35... 2a03:2880:f35a:80:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	146.75.33.230 146.75.33.230	54113 (FASTLY) (FASTLY)
1 19	2606:4700:440... 2606:4700:4400::6812:2bc4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:440... 2606:4700:4400::6812:29f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:925c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
65	11

1 13.111.165.244 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.email.decathlon.be

click.email.decathlon.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:4400::6812:2467 (United States)

ASN13335 (CLOUDFLARENET, US)

membership.decathlon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.42.188 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 188.42.190.35.bc.googleusercontent.com

npm.member.decathlon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2510:4400:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.privacy-center.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f35a:80:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.75.33.230 (Ashburn, United States)

ASN54113 (FASTLY, US)

resources.digital-cloud-west.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:4400::6812:2bc4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

accounts.decathlon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:29f5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api-global.decathlon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:925c (United States)

ASN13335 (CLOUDFLARENET, US)

login.decathlon.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	decathlon.com 1 redirects membership.decathlon.com accounts.decathlon.com — Cisco Umbrella Rank: 403958	1 MB
6	privacy-center.org sdk.privacy-center.org — Cisco Umbrella Rank: 4542	177 KB
4	medallia.com resources.digital-cloud-west.medallia.com — Cisco Umbrella Rank: 4067	88 KB
4	decathlon.net 1 redirects npm.member.decathlon.net api-global.decathlon.net — Cisco Umbrella Rank: 259008 login.decathlon.net — Cisco Umbrella Rank: 451157	306 KB
2	gstatic.com fonts.gstatic.com Failed	36 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	61 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	92 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	decathlon.be 1 redirects click.email.decathlon.be	362 B
65	9

	Domain	Requested by
19	accounts.decathlon.com	1 redirects membership.decathlon.com
15	membership.decathlon.com	membership.decathlon.com
6	sdk.privacy-center.org	membership.decathlon.com sdk.privacy-center.org
4	resources.digital-cloud-west.medallia.com	www.googletagmanager.com resources.digital-cloud-west.medallia.com
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	membership.decathlon.com
2	www.googletagmanager.com	membership.decathlon.com
2	npm.member.decathlon.net	membership.decathlon.com
2	fonts.googleapis.com	membership.decathlon.com login.decathlon.net
1	login.decathlon.net	membership.decathlon.com login.decathlon.net
1	api-global.decathlon.net	1 redirects
1	click.email.decathlon.be	1 redirects
65	12

This site contains no links.

Subject Issuer	Validity	Valid
membership.decathlon.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
npm.member.decathlon.net WR3	`2024-11-18` - `2025-02-16`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.privacy-center.org Amazon RSA 2048 M03	`2024-03-10` - `2025-04-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.digital-cloud-smf1.medallia.com SSL.com RSA SSL subCA	`2024-10-01` - `2025-10-01`	a year	crt.sh
accounts.decathlon.com WE1	`2024-11-12` - `2025-02-10`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
login.decathlon.net WE1	`2024-12-17` - `2025-03-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.decathlon.net/?client_id=5a1b8ea3-cc60-40b8-a09e-f1cd4f3ded96&ui_locales=nl_BE&correlation_id=a0fb1799-b5b7-42bf-bb17-99b5b752bfb9
Frame ID: 710C685A688F8AB03C7B2E913DE12969
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Decathlon Login

Page URL History Show full URLs

https://click.email.decathlon.be/?qs=f1768c8a8f3f8f596e771e1cccc1f21b0b4d87f9973f2c119ba0f266331d8951947d9f23... HTTP 302
https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=... Page URL
https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=... Page URL
https://accounts.decathlon.com/united_membership/auth/login?locale=nl-BE HTTP 302
https://api-global.decathlon.net/connect/oauth/authorize?response_type=code&client_id=5a1b8ea3-cc60-40b8-a09e... HTTP 302
https://login.decathlon.net/?client_id=5a1b8ea3-cc60-40b8-a09e-f1cd4f3ded96&ui_locales=nl_BE&correlation... Page URL

Detected technologies

Didomi (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

sdk\.privacy-center\.org/.*/loader\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

65
Requests

83 %
HTTPS

75 %
IPv6

9
Domains

12
Subdomains

11
IPs

1
Countries

2228 kB
Transfer

27720 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.email.decathlon.be/?qs=f1768c8a8f3f8f596e771e1cccc1f21b0b4d87f9973f2c119ba0f266331d8951947d9f239b4766894a96396752c4098da7822f13e406ef7bac8400d9283d922c HTTP 302
https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2 Page URL
https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2/ Page URL
https://accounts.decathlon.com/united_membership/auth/login?locale=nl-BE HTTP 302
https://api-global.decathlon.net/connect/oauth/authorize?response_type=code&client_id=5a1b8ea3-cc60-40b8-a09e-f1cd4f3ded96&redirect_uri=https://accounts.decathlon.com/united_membership/auth/callback?locale=nl-BE&ui_locales=nl_BE HTTP 302
https://login.decathlon.net/?client_id=5a1b8ea3-cc60-40b8-a09e-f1cd4f3ded96&ui_locales=nl_BE&correlation_id=a0fb1799-b5b7-42bf-bb17-99b5b752bfb9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://click.email.decathlon.be/?qs=f1768c8a8f3f8f596e771e1cccc1f21b0b4d87f9973f2c119ba0f266331d8951947d9f239b4766894a96396752c4098da7822f13e406ef7bac8400d9283d922c HTTP 302
https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2

65 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
membership.decathlon.com/nl-BE/reward/270/
Redirect Chain

https://click.email.decathlon.be/?qs=f1768c8a8f3f8f596e771e1cccc1f21b0b4d87f9973f2c119ba0f266331d8951947d9f239b4766894a96396752c4098da7822f13e406ef7bac8400d9283d922c
https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2

5 KB
3 KB

404ms
263ms

Document
text/html

2606:4700:4400::6812:2467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffc2a5c04f701fcf01abbe3e6c8769caddefbcdcfb2d6682d912bca3b983f919

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8fa33eeb2bf44cb1-PHL
content-encoding: gzip
content-security-policy: default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
content-type: text/html
date: Mon, 30 Dec 2024 16:00:58 GMT
expires: Mon, 30 Dec 2024 16:00:57 GMT
last-modified: Fri, 20 Dec 2024 18:07:56 GMT
permissions-policy: fullscreen=()
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 320
Content-Type: text/html; charset=utf-8
Date: Mon, 30 Dec 2024 16:00:57 GMT
Location: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 135ms
46ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Condensed:ital,wght@0,400;0,700;1,700&display=swap

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de69e99b814eb4d0196d0998ebc13a07767102307dcc8515833643c8a2ce9f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:00:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 16:00:58 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 30 Dec 2024 16:00:58 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 builded-components.js Show response
npm.member.decathlon.net/membership-front/webcomponents/v1.1.70/ 302 KB
303 KB 147ms
25ms Script
text/javascript 35.190.42.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://npm.member.decathlon.net/membership-front/webcomponents/v1.1.70/builded-components.js
Requested by: Host: membership.decathlon.com
URL: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.42.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.42.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 62dba933e5020027a5ab294d3c39de9263136b5d487bb19dcff13fdae330542f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://membership.decathlon.com
Referer: https://membership.decathlon.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734431534
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=KajaJw==, md5=B0Cg6BSnCh683YWrIKf2wg==
etag: "0740a0e814a70a1ebcdd85ab20a7f6c2"
age: 3551
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 309344
date: Mon, 30 Dec 2024 15:01:47 GMT
last-modified: Tue, 17 Dec 2024 10:32:35 GMT
content-type: text/javascript
vary: Origin
x-guploader-uploadid: AFiumC4kJIlSyyk_w6OsdNDe78ghZxUNRA6u9y-llj8HC9g1Y5jvwGVWzx2FegVKG1Xqn2R4scMtawY
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: https://membership.decathlon.com
x-goog-generation: 1734431555919979
content-length: 309344
server: UploadServer

GET
H2 200 env-config.js Show response
membership.decathlon.com/ 661 B
523 B 257ms
255ms Script
application/javascript 2606:4700:4400::6812:2467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://membership.decathlon.com/env-config.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19da2fd0091864c54388e135a0af4143db9331d8a0eb58eb1d24f9f24d6ad64b

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"676d74d6-295"
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:00:57 GMT
date: Mon, 30 Dec 2024 16:00:58 GMT
content-type: application/javascript
last-modified: Thu, 26 Dec 2024 15:23:02 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
cache-control: no-cache
cf-ray: 8fa33eecfe5f4cb1-PHL
permissions-policy: fullscreen=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 facebook-pixel.js Show response
membership.decathlon.com/ 471 B
409 B 313ms
311ms Script
application/javascript 2606:4700:4400::6812:2467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://membership.decathlon.com/facebook-pixel.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39c94fc4877fa8517ef8398084dd8453482c1b37d23d4f4ff8552ee1aebfc22f

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6765b27a-1d7"
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:00:57 GMT
date: Mon, 30 Dec 2024 16:00:58 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2024 18:07:54 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
cache-control: no-cache
cf-ray: 8fa33eecfe624cb1-PHL
permissions-policy: fullscreen=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 index-DTGWC-pF.js Show response
membership.decathlon.com/assets/ 3 MB
697 KB 267ms
266ms Script
application/javascript 2606:4700:4400::6812:2467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://membership.decathlon.com/assets/index-DTGWC-pF.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08f453a357089f8458fd973e3328139911b83141edd82baf1105ff5242b56c04

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://membership.decathlon.com
Referer: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6765b27c-2a6fce"
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:00:57 GMT
date: Mon, 30 Dec 2024 16:00:58 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2024 18:07:56 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
cache-control: no-cache
cf-ray: 8fa33eecfe654cb1-PHL
permissions-policy: fullscreen=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 index-DfllnLXO.css
membership.decathlon.com/assets/ 9 MB
640 KB 247ms
246ms Stylesheet
text/css 2606:4700:4400::6812:2467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://membership.decathlon.com/assets/index-DfllnLXO.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0466bd57b41990c99f12b974da0b3b24cea62826022c5ac3618a5c014963e3f

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://membership.decathlon.com
Referer: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6765b27c-89d364"
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:00:57 GMT
date: Mon, 30 Dec 2024 16:00:58 GMT
content-type: text/css
last-modified: Fri, 20 Dec 2024 18:07:56 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
cache-control: no-cache
cf-ray: 8fa33eecfe564cb1-PHL
permissions-policy: fullscreen=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 303 KB
92 KB 163ms
80ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W2KVK5C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e1b9094ae67f28fe162ae829ec8aaed95634532c87e560015848322711b4e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 30 Dec 2024 16:00:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 16:00:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 30 Dec 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93485
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 loader.js Show response
sdk.privacy-center.org/929521d8-0c53-458b-9f07-852d7d00d609/ 62 KB
23 KB 124ms
27ms Script
application/javascript 2600:9000:2510:4400:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/929521d8-0c53-458b-9f07-852d7d00d609/loader.js?target_type=notice&target=bFFMXGhn
Requested by: Host: membership.decathlon.com
URL: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:4400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32c03e31ccb36821d4e92b3fd8f5478dadf7e598b17400558786db12161c301d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/

Response headers

content-encoding: br
etag: W/"b8eeb243e942ba17f48102ffdbe533f5"
age: 3581
x-amzn-requestid: d93cd601-0b00-4455-9b14-c47b8ecdd5ee
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: NR4CkFJa-SUYf-vXLffGfTzprtQ5wQ3E6FT-9oR9PvjAfyJ_SbvGCQ==
date: Mon, 30 Dec 2024 15:01:17 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=7200, public
x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:false
x-amzn-trace-id: Root=1-676f49d1-730a9c2613bbd45820ccc5a6;Parent=7d1fc78c2d990c18;Sampled=0;Lineage=1:eaae1266:0
via: 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
x-didomi-configs-version: 113
x-amz-cf-pop: JFK50-P5

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 90ms
23ms Script
application/x-javascript 2a03:2880:f35a:80:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/facebook-pixel.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f35a:80:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-jOSGSRly' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Dec 2024 16:00:58 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-jOSGSRly' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=5761, tp=10, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: NgGPMssX4HRV5rpcz/1AN8Fbnb1Ghsb4aKtZqh0uUREeNDSz9lNzXRXY42qFZxieko/Yp98hnTjt5mPeUmyVVA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 sdk.f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d.js Show response
sdk.privacy-center.org/sdk/f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d/modern/ 375 KB
96 KB 48ms
47ms Script
application/javascript 2600:9000:2510:4400:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d/modern/sdk.f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/929521d8-0c53-458b-9f07-852d7d00d609/loader.js?target_type=notice&target=bFFMXGhn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:4400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac3fc470444e6c43074861393a5b8330469579b84f3ea27f93330bd752e589ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=31536000
content-encoding: br
etag: W/"21a1586bc1c99eb67d069773f0c262e4-1"
age: 1128753
via: 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: MgNQf7f1hfyde_peuL-oNqpDSEe-ueQ8V43fWmQXsk6Go1wnSQZxwQ==
date: Tue, 17 Dec 2024 14:28:26 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 17 Dec 2024 14:28:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 embed.js Show response
resources.digital-cloud-west.medallia.com/wdcwest/558300/onsite/ 1 KB
1006 B 135ms
43ms Script
application/javascript 146.75.33.230
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digital-cloud-west.medallia.com/wdcwest/558300/onsite/embed.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2KVK5C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.33.230 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

62f2613769e26b06928d989a68159d9a6e745a3f30a366173dd3df769af7233f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/

Response headers

content-encoding: gzip
etag: "38f34b1d328562c50983acf08819059a"
x-amz-version-id: 7mT4e7GnDl65NK7jnWq8PuF4ukENnp_d
age: 549653
x-cache: HIT
date: Mon, 30 Dec 2024 16:00:59 GMT
last-modified: Thu, 05 Dec 2024 10:43:22 GMT
x-served-by: cache-iad-kjyo7100093-IAD
x-cache-hits: 0
content-type: application/javascript
x-amz-id-2: CHt/SBz+BrVbnooX8H+40kQXbHqw0B3SYvSh/FIkBhldNNryuKTvX6XL9AAgx/ZRuLbkUBvALozcvHz1nShSmVWlePTtn/71
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: max-age=0,must-revalidate
x-timer: S1735574459.111740,VS0,VE1
via: 1.1 varnish
x-amz-request-id: 4NGMMK6D3H251N4Y
accept-ranges: bytes
access-control-allow-origin: *
content-length: 532
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 ui-web-nl-web.f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d.js Show response
sdk.privacy-center.org/sdk/f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d/modern/ 273 KB
58 KB 25ms
24ms Script
application/javascript 2600:9000:2510:4400:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d/modern/ui-web-nl-web.f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d/modern/sdk.f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2510:4400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f364358b14d46a26aa3b3dc1470f39bb0eb2cf67299ffef037a8bd38e89cc69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=31536000
content-encoding: br
etag: W/"366f62c325a06b774b64261db6753a90-1"
age: 1128697
via: 1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: gzBnxlS5X0DRrcBZ9N2GA62Ms1s3BTdpMSl8sgGu275XJ9BbbgC9QA==
date: Tue, 17 Dec 2024 14:29:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 17 Dec 2024 14:28:22 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H3 401 accesstoken Show response
accounts.decathlon.com/united_membership/v1/auth/ 77 B
461 B 248ms
247ms Fetch
application/json 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/auth/accesstoken

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/assets/index-DTGWC-pF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f765d75abfa6a89b8412ad85277d65f3bec32545732cb1d52db5fa7868f54f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://membership.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
x-api-key: 643295dd-41c4-4d1c-ada2-2eca0093cd39

Response headers

x-request-id: 46c1161d-88d5-4fca-8116-1d88d5ffca00
x-correlation-id: 46c1161d-88d5-4fca-8116-1d88d5ffca00
cf-cache-status: DYNAMIC
etag: W/"4d-yQ1zSo6puHLrWcuIqwLl7lEFQww"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 30 Dec 2024 16:00:59 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-credentials: true
cf-ray: 8fa33ef4ab624caf-PHL
access-control-allow-origin: https://membership.decathlon.com
content-length: 77
server: cloudflare

OPTIONS
H3 200 accesstoken
accounts.decathlon.com/united_membership/v1/auth/ 0
0 217ms
94ms Preflight 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/auth/accesstoken

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: GET
Origin: https://membership.decathlon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-api-key, authorization, x-custom-lang
access-control-allow-methods: DELETE, POST, GET, PATCH
access-control-allow-origin: https://membership.decathlon.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8fa33ef3af7d4cb1-PHL
content-length: 0
date: Mon, 30 Dec 2024 16:00:59 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff

GET
H2 200 generic1733395400952.js Show response
resources.digital-cloud-west.medallia.com/wdcwest/558300/onsite/ 388 KB
87 KB 24ms
24ms Script
application/javascript 146.75.33.230
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digital-cloud-west.medallia.com/wdcwest/558300/onsite/generic1733395400952.js

Requested by

Host: resources.digital-cloud-west.medallia.com
URL: https://resources.digital-cloud-west.medallia.com/wdcwest/558300/onsite/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.33.230 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6020fc4c4ad177c7718f11458c7fe4ddfd632b0e399768d3a97ef3c8828f71fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/

Response headers

content-encoding: gzip
etag: "a58bf8f7c38b5f72cf264b0d61136b3a"
x-amz-version-id: OmcIQ6TV1wYMXdV7QN5.QuUjbo8k.wQl
age: 549652
x-cache: HIT
date: Mon, 30 Dec 2024 16:00:59 GMT
last-modified: Thu, 05 Dec 2024 10:43:22 GMT
x-served-by: cache-iad-kjyo7100093-IAD
x-cache-hits: 0
content-type: application/javascript
x-amz-id-2: AWrJGHvoulGkQ4MGFFjQGyv7xSg5Q0Rfc06tRWT9O4pL8PU/q6s24O3hLsp4URY37GROwYBP0nM=
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: max-age=2592000
x-timer: S1735574459.494225,VS0,VE2
via: 1.1 varnish
x-amz-request-id: GWBNH8ZAZS303TRH
accept-ranges: bytes
access-control-allow-origin: *
content-length: 88974
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 favicon.svg
membership.decathlon.com/images/ 1007 B
677 B 158ms
157ms Other
image/svg+xml 2606:4700:4400::6812:2467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://membership.decathlon.com/images/favicon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

082134e93e65b87c62f096efcada177f0b395b0e9b9a026165599bebff2073dc

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6765b27a-3ef"
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:00:58 GMT
date: Mon, 30 Dec 2024 16:00:59 GMT
content-type: image/svg+xml
last-modified: Fri, 20 Dec 2024 18:07:54 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
cache-control: no-cache
cf-ray: 8fa33ef3efdc4cb1-PHL
permissions-policy: fullscreen=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 favicon.png
membership.decathlon.com/images/ 719 B
811 B 153ms
152ms Other
image/png 2606:4700:4400::6812:2467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://membership.decathlon.com/images/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56efe9a7fbbbd49d655cb412c58277f247705282e9a12720c64beacc84fbcc61

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2

Response headers

cf-cache-status: MISS
etag: "6765b27a-2cf"
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:00:58 GMT
date: Mon, 30 Dec 2024 16:00:59 GMT
content-type: image/png
last-modified: Fri, 20 Dec 2024 18:07:54 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
cache-control: no-cache
cf-ray: 8fa33ef529e44cb1-PHL
permissions-policy: fullscreen=()
accept-ranges: bytes
content-length: 719
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 / Show response
accounts.decathlon.com/united_membership/v1/unleashToggles/ 128 KB
12 KB 421ms
421ms Fetch
application/json 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/unleashToggles/

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/assets/index-DTGWC-pF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3756dc67d767d8a3ff4a9644419538b702d76004cfec241f519c8adbada3b672

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://membership.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
x-api-key: 643295dd-41c4-4d1c-ada2-2eca0093cd39

Response headers

x-request-id: dad01c35-6831-4d4e-901c-3568310d4e25
x-correlation-id: dad01c35-6831-4d4e-901c-3568310d4e25
cf-cache-status: DYNAMIC
etag: W/"200a8-CHAqZP89jdC/+HX187Ft16Re2YE"
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 30 Dec 2024 16:01:00 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: private, no-cache
access-control-allow-credentials: true
cf-ray: 8fa33ef62af64cb1-PHL
access-control-allow-origin: https://membership.decathlon.com
server: cloudflare

OPTIONS
H3 200 /
accounts.decathlon.com/united_membership/v1/unleashToggles/ 0
0 45ms
44ms Preflight 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/unleashToggles/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: GET
Origin: https://membership.decathlon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-api-key, authorization, x-custom-lang
access-control-allow-methods: DELETE, POST, GET, PATCH
access-control-allow-origin: https://membership.decathlon.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8fa33ef5eaaf4cb1-PHL
content-length: 0
date: Mon, 30 Dec 2024 16:00:59 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff

GET
H3 200 / Show response
accounts.decathlon.com/united_membership/v1/countryConfiguration/ 34 KB
5 KB 148ms
148ms Fetch
application/json 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/countryConfiguration/

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/assets/index-DTGWC-pF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9e301af52e52886fbee6b48c9e9bcf7c76d1fb5e4a82ba7ba16582b74188840

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://membership.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
x-api-key: 643295dd-41c4-4d1c-ada2-2eca0093cd39

Response headers

x-request-id: bcb56601-5ea2-4257-b566-015ea2d257ba
x-correlation-id: bcb56601-5ea2-4257-b566-015ea2d257ba
cf-cache-status: DYNAMIC
etag: W/"88a0-+Wj1O4LU46qEPoSjDoJnpvmikDQ"
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 30 Dec 2024 16:01:00 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: private, no-cache
access-control-allow-credentials: true
cf-ray: 8fa33efab8344cb1-PHL
access-control-allow-origin: https://membership.decathlon.com
server: cloudflare

OPTIONS
H3 200 /
accounts.decathlon.com/united_membership/v1/countryConfiguration/ 0
0 56ms
55ms Preflight 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/countryConfiguration/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: GET
Origin: https://membership.decathlon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-api-key, authorization, x-custom-lang
access-control-allow-methods: DELETE, POST, GET, PATCH
access-control-allow-origin: https://membership.decathlon.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8fa33efa6fb64cb1-PHL
content-length: 0
date: Mon, 30 Dec 2024 16:01:00 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff

GET
H2 200 / Show response
membership.decathlon.com/nl-BE/reward/270/ 5 KB
2 KB 159ms
152ms Document
text/html 2606:4700:4400::6812:2467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2/

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/assets/index-DTGWC-pF.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffc2a5c04f701fcf01abbe3e6c8769caddefbcdcfb2d6682d912bca3b983f919

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8fa33efc5a594cb1-PHL
content-encoding: gzip
content-security-policy: default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
content-type: text/html
date: Mon, 30 Dec 2024 16:01:00 GMT
expires: Mon, 30 Dec 2024 16:00:59 GMT
last-modified: Fri, 20 Dec 2024 18:07:56 GMT
permissions-policy: fullscreen=()
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H3 200 home-samples
accounts.decathlon.com/united_membership/v1/rewards/ 0
0 49ms
46ms Preflight 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/rewards/home-samples

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: GET
Origin: https://membership.decathlon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-api-key, authorization, x-custom-lang
access-control-allow-methods: DELETE, POST, GET, PATCH
access-control-allow-origin: https://membership.decathlon.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8fa33efc7a964cb1-PHL
content-length: 0
date: Mon, 30 Dec 2024 16:01:00 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff

OPTIONS
H3 200 check
accounts.decathlon.com/united_membership/v1/auth/ 0
0 50ms
49ms Preflight 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/auth/check

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: GET
Origin: https://membership.decathlon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-api-key, authorization, x-custom-lang
access-control-allow-methods: DELETE, POST, GET, PATCH
access-control-allow-origin: https://membership.decathlon.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8fa33efcaadc4cb1-PHL
content-length: 0
date: Mon, 30 Dec 2024 16:01:00 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff

GET home-samples
accounts.decathlon.com/united_membership/v1/rewards/ 0
0

GET check
accounts.decathlon.com/united_membership/v1/auth/ 0
0

GET sprite.svg
membership.decathlon.com/images/svg/ 0
0

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://membership.decathlon.com
Referer

Response headers

Content-Type: image/svg+xml

GET KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 0
0

GET KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 0
0

GET accesstoken
accounts.decathlon.com/united_membership/v1/auth/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
0 3ms
3ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Condensed:ital,wght@0,400;0,700;1,700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de69e99b814eb4d0196d0998ebc13a07767102307dcc8515833643c8a2ce9f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:00:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 16:00:58 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 30 Dec 2024 16:00:58 GMT
x-frame-options: SAMEORIGIN
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 builded-components.js Show response
npm.member.decathlon.net/membership-front/webcomponents/v1.1.70/ 302 KB
0 3ms
3ms Script
text/javascript 35.190.42.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://npm.member.decathlon.net/membership-front/webcomponents/v1.1.70/builded-components.js
Requested by: Host: membership.decathlon.com
URL: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.42.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.42.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 62dba933e5020027a5ab294d3c39de9263136b5d487bb19dcff13fdae330542f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://membership.decathlon.com
Referer: https://membership.decathlon.com/

Response headers

x-goog-metageneration: 1
x-goog-meta-goog-reserved-file-mtime: 1734431534
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=KajaJw==, md5=B0Cg6BSnCh683YWrIKf2wg==
etag: "0740a0e814a70a1ebcdd85ab20a7f6c2"
age: 3551
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 309344
date: Mon, 30 Dec 2024 15:01:47 GMT
last-modified: Tue, 17 Dec 2024 10:32:35 GMT
content-type: text/javascript
vary: Origin
x-guploader-uploadid: AFiumC4kJIlSyyk_w6OsdNDe78ghZxUNRA6u9y-llj8HC9g1Y5jvwGVWzx2FegVKG1Xqn2R4scMtawY
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: https://membership.decathlon.com
x-goog-generation: 1734431555919979
content-length: 309344
server: UploadServer

GET
H2 200 env-config.js Show response
membership.decathlon.com/ 661 B
101 B 140ms
136ms Script
application/javascript 2606:4700:4400::6812:2467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://membership.decathlon.com/env-config.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19da2fd0091864c54388e135a0af4143db9331d8a0eb58eb1d24f9f24d6ad64b

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"676d74d6-295"
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:01:00 GMT
date: Mon, 30 Dec 2024 16:01:01 GMT
last-modified: Thu, 26 Dec 2024 15:23:02 GMT
vary: Accept-Encoding
content-type: application/javascript
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
cache-control: no-cache
cf-ray: 8fa33efd6c0a4cb1-PHL
permissions-policy: fullscreen=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 facebook-pixel.js Show response
membership.decathlon.com/ 471 B
55 B 256ms
251ms Script
application/javascript 2606:4700:4400::6812:2467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://membership.decathlon.com/facebook-pixel.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39c94fc4877fa8517ef8398084dd8453482c1b37d23d4f4ff8552ee1aebfc22f

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6765b27a-1d7"
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:01:00 GMT
date: Mon, 30 Dec 2024 16:01:01 GMT
last-modified: Fri, 20 Dec 2024 18:07:54 GMT
vary: Accept-Encoding
content-type: application/javascript
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
cache-control: no-cache
cf-ray: 8fa33efd6c0d4cb1-PHL
permissions-policy: fullscreen=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 index-DTGWC-pF.js Show response
membership.decathlon.com/assets/ 3 MB
56 B 192ms
189ms Script
application/javascript 2606:4700:4400::6812:2467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://membership.decathlon.com/assets/index-DTGWC-pF.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08f453a357089f8458fd973e3328139911b83141edd82baf1105ff5242b56c04

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://membership.decathlon.com
Referer: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6765b27c-2a6fce"
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:01:00 GMT
date: Mon, 30 Dec 2024 16:01:01 GMT
last-modified: Fri, 20 Dec 2024 18:07:56 GMT
vary: Accept-Encoding
content-type: application/javascript
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
cache-control: no-cache
cf-ray: 8fa33efd6c0f4cb1-PHL
permissions-policy: fullscreen=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 index-DfllnLXO.css
membership.decathlon.com/assets/ 9 MB
57 B 191ms
188ms Stylesheet
text/css 2606:4700:4400::6812:2467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://membership.decathlon.com/assets/index-DfllnLXO.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0466bd57b41990c99f12b974da0b3b24cea62826022c5ac3618a5c014963e3f

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://membership.decathlon.com
Referer: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6765b27c-89d364"
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:01:00 GMT
date: Mon, 30 Dec 2024 16:01:01 GMT
last-modified: Fri, 20 Dec 2024 18:07:56 GMT
vary: Accept-Encoding
content-type: text/css
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
cache-control: no-cache
cf-ray: 8fa33efd6c084cb1-PHL
permissions-policy: fullscreen=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 303 KB
0 0ms
0ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W2KVK5C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e1b9094ae67f28fe162ae829ec8aaed95634532c87e560015848322711b4e44

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 30 Dec 2024 16:00:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 30 Dec 2024 16:00:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 30 Dec 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93485
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 loader.js Show response
sdk.privacy-center.org/929521d8-0c53-458b-9f07-852d7d00d609/ 62 KB
0 0ms
0ms Script
application/javascript 2600:9000:2510:4400:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/929521d8-0c53-458b-9f07-852d7d00d609/loader.js?target_type=notice&target=bFFMXGhn
Requested by: Host: membership.decathlon.com
URL: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:4400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32c03e31ccb36821d4e92b3fd8f5478dadf7e598b17400558786db12161c301d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/

Response headers

content-encoding: br
etag: W/"b8eeb243e942ba17f48102ffdbe533f5"
age: 3581
x-amzn-requestid: d93cd601-0b00-4455-9b14-c47b8ecdd5ee
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: NR4CkFJa-SUYf-vXLffGfTzprtQ5wQ3E6FT-9oR9PvjAfyJ_SbvGCQ==
date: Mon, 30 Dec 2024 15:01:17 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=7200, public
x-didomi-remote-config-metadata: multiReg:true;legacyGlobalGdpr:false
x-amzn-trace-id: Root=1-676f49d1-730a9c2613bbd45820ccc5a6;Parent=7d1fc78c2d990c18;Sampled=0;Lineage=1:eaae1266:0
via: 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
x-didomi-configs-version: 113
x-amz-cf-pop: JFK50-P5

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
0 0ms
0ms Script
application/x-javascript 2a03:2880:f35a:80:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/facebook-pixel.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f35a:80:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-jOSGSRly' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Dec 2024 16:00:58 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-jOSGSRly' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=5761, tp=10, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: NgGPMssX4HRV5rpcz/1AN8Fbnb1Ghsb4aKtZqh0uUREeNDSz9lNzXRXY42qFZxieko/Yp98hnTjt5mPeUmyVVA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 sdk.f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d.js Show response
sdk.privacy-center.org/sdk/f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d/modern/ 375 KB
0 0ms
0ms Script
application/javascript 2600:9000:2510:4400:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d/modern/sdk.f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/929521d8-0c53-458b-9f07-852d7d00d609/loader.js?target_type=notice&target=bFFMXGhn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2510:4400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac3fc470444e6c43074861393a5b8330469579b84f3ea27f93330bd752e589ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=31536000
content-encoding: br
etag: W/"21a1586bc1c99eb67d069773f0c262e4-1"
age: 1128753
via: 1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: MgNQf7f1hfyde_peuL-oNqpDSEe-ueQ8V43fWmQXsk6Go1wnSQZxwQ==
date: Tue, 17 Dec 2024 14:28:26 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 17 Dec 2024 14:28:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H3 401 accesstoken Show response
accounts.decathlon.com/united_membership/v1/auth/ 77 B
427 B 152ms
152ms Fetch
application/json 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/auth/accesstoken

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/assets/index-DTGWC-pF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f765d75abfa6a89b8412ad85277d65f3bec32545732cb1d52db5fa7868f54f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://membership.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
x-api-key: 643295dd-41c4-4d1c-ada2-2eca0093cd39

Response headers

x-request-id: cfff482b-6607-4844-bf48-2b66071844a5
x-correlation-id: cfff482b-6607-4844-bf48-2b66071844a5
cf-cache-status: DYNAMIC
etag: W/"4d-yQ1zSo6puHLrWcuIqwLl7lEFQww"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 30 Dec 2024 16:01:01 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-credentials: true
cf-ray: 8fa33f010af94caf-PHL
access-control-allow-origin: https://membership.decathlon.com
content-length: 77
server: cloudflare

GET
H2 200 embed.js Show response
resources.digital-cloud-west.medallia.com/wdcwest/558300/onsite/ 1 KB
75 B 25ms
25ms Script
application/javascript 146.75.33.230
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digital-cloud-west.medallia.com/wdcwest/558300/onsite/embed.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2KVK5C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.33.230 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

62f2613769e26b06928d989a68159d9a6e745a3f30a366173dd3df769af7233f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/

Response headers

content-encoding: gzip
etag: "38f34b1d328562c50983acf08819059a"
age: 549655
x-amz-version-id: 7mT4e7GnDl65NK7jnWq8PuF4ukENnp_d
x-cache: HIT
date: Mon, 30 Dec 2024 16:01:01 GMT
last-modified: Thu, 05 Dec 2024 10:43:22 GMT
x-served-by: cache-iad-kjyo7100093-IAD
x-cache-hits: 1
content-type: application/javascript
x-amz-id-2: CHt/SBz+BrVbnooX8H+40kQXbHqw0B3SYvSh/FIkBhldNNryuKTvX6XL9AAgx/ZRuLbkUBvALozcvHz1nShSmVWlePTtn/71
strict-transport-security: max-age=31557600
vary: Accept-Encoding
cache-control: max-age=0,must-revalidate
x-timer: S1735574462.622025,VS0,VE1
via: 1.1 varnish
x-amz-request-id: 4NGMMK6D3H251N4Y
accept-ranges: bytes
access-control-allow-origin: *
content-length: 532
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 ui-web-nl-web.f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d.js Show response
sdk.privacy-center.org/sdk/f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d/modern/ 273 KB
0 0ms
0ms Script
application/javascript 2600:9000:2510:4400:5:b7cc:d3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.privacy-center.org/sdk/f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d/modern/ui-web-nl-web.f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d.js
Requested by: Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d/modern/sdk.f9e11c55fc2b6c77b45c8b01825e76ac3cd0913d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:2510:4400:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f364358b14d46a26aa3b3dc1470f39bb0eb2cf67299ffef037a8bd38e89cc69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=31536000
content-encoding: br
etag: W/"366f62c325a06b774b64261db6753a90-1"
age: 1128697
via: 1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: gzBnxlS5X0DRrcBZ9N2GA62Ms1s3BTdpMSl8sgGu275XJ9BbbgC9QA==
date: Tue, 17 Dec 2024 14:29:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 17 Dec 2024 14:28:22 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256

GET
H2 200 generic1733395400952.js Show response
resources.digital-cloud-west.medallia.com/wdcwest/558300/onsite/ 388 KB
0 0ms
0ms Script
application/javascript 146.75.33.230
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.digital-cloud-west.medallia.com/wdcwest/558300/onsite/generic1733395400952.js
Requested by: Host: resources.digital-cloud-west.medallia.com
URL: https://resources.digital-cloud-west.medallia.com/wdcwest/558300/onsite/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.33.230 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6020fc4c4ad177c7718f11458c7fe4ddfd632b0e399768d3a97ef3c8828f71fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/

Response headers

content-encoding: gzip
etag: "a58bf8f7c38b5f72cf264b0d61136b3a"
x-amz-version-id: OmcIQ6TV1wYMXdV7QN5.QuUjbo8k.wQl
age: 549652
x-cache: HIT
date: Mon, 30 Dec 2024 16:00:59 GMT
last-modified: Thu, 05 Dec 2024 10:43:22 GMT
x-served-by: cache-iad-kjyo7100093-IAD
x-cache-hits: 0
content-type: application/javascript
x-amz-id-2: AWrJGHvoulGkQ4MGFFjQGyv7xSg5Q0Rfc06tRWT9O4pL8PU/q6s24O3hLsp4URY37GROwYBP0nM=
vary: Accept-Encoding
cache-control: max-age=2592000
x-timer: S1735574459.494225,VS0,VE2
via: 1.1 varnish
x-amz-request-id: GWBNH8ZAZS303TRH
accept-ranges: bytes
access-control-allow-origin: *
content-length: 88974
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 favicon.svg
membership.decathlon.com/images/ 1007 B
55 B 136ms
135ms Other
image/svg+xml 2606:4700:4400::6812:2467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://membership.decathlon.com/images/favicon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

082134e93e65b87c62f096efcada177f0b395b0e9b9a026165599bebff2073dc

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6765b27a-3ef"
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:01:00 GMT
date: Mon, 30 Dec 2024 16:01:01 GMT
last-modified: Fri, 20 Dec 2024 18:07:54 GMT
vary: Accept-Encoding
content-type: image/svg+xml
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
cache-control: no-cache
cf-ray: 8fa33f0168954cb1-PHL
permissions-policy: fullscreen=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 /
accounts.decathlon.com/united_membership/v1/unleashToggles/ 128 KB
335 B 150ms
150ms Fetch
application/json 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/unleashToggles/

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/assets/index-DTGWC-pF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://membership.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
x-api-key: 643295dd-41c4-4d1c-ada2-2eca0093cd39

Response headers

x-request-id: 66b626bb-1fca-467f-b626-bb1fca167f7d
x-correlation-id: 66b626bb-1fca-467f-b626-bb1fca167f7d
cf-cache-status: DYNAMIC
etag: W/"200a8-CHAqZP89jdC/+HX187Ft16Re2YE"
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 30 Dec 2024 16:01:01 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: private, no-cache
access-control-allow-credentials: true
cf-ray: 8fa33f0209464cb1-PHL
access-control-allow-origin: https://membership.decathlon.com
server: cloudflare

GET
H2 200 favicon.png
membership.decathlon.com/images/ 719 B
42 B 140ms
140ms Other
image/png 2606:4700:4400::6812:2467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://membership.decathlon.com/images/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2/

Response headers

cf-cache-status: MISS
etag: "6765b27a-2cf"
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:01:00 GMT
date: Mon, 30 Dec 2024 16:01:01 GMT
last-modified: Fri, 20 Dec 2024 18:07:54 GMT
vary: Accept-Encoding
content-type: image/png
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
cache-control: no-cache
cf-ray: 8fa33f02498d4cb1-PHL
permissions-policy: fullscreen=()
accept-ranges: bytes
content-length: 719
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 /
accounts.decathlon.com/united_membership/v1/countryConfiguration/ 34 KB
334 B 140ms
140ms Fetch
application/json 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/countryConfiguration/

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/assets/index-DTGWC-pF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://membership.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
x-api-key: 643295dd-41c4-4d1c-ada2-2eca0093cd39

Response headers

x-request-id: 45ab117f-6b34-493e-ab11-7f6b34993e53
x-correlation-id: 45ab117f-6b34-493e-ab11-7f6b34993e53
cf-cache-status: DYNAMIC
etag: W/"88a0-+Wj1O4LU46qEPoSjDoJnpvmikDQ"
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 30 Dec 2024 16:01:02 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: private, no-cache
access-control-allow-credentials: true
cf-ray: 8fa33f033a954cb1-PHL
access-control-allow-origin: https://membership.decathlon.com
server: cloudflare

GET
H3 200 home-samples
accounts.decathlon.com/united_membership/v1/rewards/ 1 KB
772 B 145ms
144ms Fetch
application/json 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/rewards/home-samples

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/assets/index-DTGWC-pF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://membership.decathlon.com/
accept-language: nl-BE
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
x-api-key: 643295dd-41c4-4d1c-ada2-2eca0093cd39

Response headers

x-request-id: f21d62b0-a1ad-4be5-9d62-b0a1adbbe5be
x-correlation-id: f21d62b0-a1ad-4be5-9d62-b0a1adbbe5be
cf-cache-status: DYNAMIC
etag: W/"561-i6xebhLzNq6wn14VdTOhyIoJDM8"
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 30 Dec 2024 16:01:02 GMT
content-type: application/json; charset=utf-8
vary: Accept-language
priority: u=1,i
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: public, max-age=900
access-control-allow-credentials: true
cf-ray: 8fa33f041b874cb1-PHL
access-control-allow-origin: https://membership.decathlon.com
server: cloudflare

GET
H3 401 check
accounts.decathlon.com/united_membership/v1/auth/ 77 B
425 B 157ms
156ms Fetch
application/json 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/auth/check

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/assets/index-DTGWC-pF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://membership.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
x-api-key: 643295dd-41c4-4d1c-ada2-2eca0093cd39

Response headers

x-request-id: cd8ab9c7-df12-4552-8ab9-c7df12a55244
x-correlation-id: cd8ab9c7-df12-4552-8ab9-c7df12a55244
cf-cache-status: DYNAMIC
etag: W/"4d-yQ1zSo6puHLrWcuIqwLl7lEFQww"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 30 Dec 2024 16:01:02 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-credentials: true
cf-ray: 8fa33f042f564caf-PHL
access-control-allow-origin: https://membership.decathlon.com
content-length: 77
server: cloudflare

GET
H2 200 sprite.svg
membership.decathlon.com/images/svg/ 350 KB
101 KB 155ms
155ms Other
image/svg+xml 2606:4700:4400::6812:2467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://membership.decathlon.com/images/svg/sprite.svg

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/assets/index-DTGWC-pF.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"6765b27a-57995"
x-content-type-options: nosniff
expires: Mon, 30 Dec 2024 16:01:01 GMT
date: Mon, 30 Dec 2024 16:01:02 GMT
content-type: image/svg+xml
last-modified: Fri, 20 Dec 2024 18:07:54 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
cache-control: no-cache
cf-ray: 8fa33f042b914cb1-PHL
permissions-policy: fullscreen=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://membership.decathlon.com
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 24ms
24ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Condensed:ital,wght@0,400;0,700;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://membership.decathlon.com
Referer: https://fonts.googleapis.com/

Response headers

age: 269556
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 27 Dec 2025 13:08:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Dec 2024 13:08:26 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 27ms
26ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Roboto+Condensed:ital,wght@0,400;0,700;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://membership.decathlon.com
Referer: https://fonts.googleapis.com/

Response headers

age: 444990
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 25 Dec 2025 12:24:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Dec 2024 12:24:32 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 401 accesstoken
accounts.decathlon.com/united_membership/v1/auth/ 77 B
425 B 138ms
137ms Fetch
application/json 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/auth/accesstoken

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/assets/index-DTGWC-pF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://membership.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
x-api-key: 643295dd-41c4-4d1c-ada2-2eca0093cd39

Response headers

x-request-id: 47760e3e-6b21-484d-b60e-3e6b21784dde
x-correlation-id: 47760e3e-6b21-484d-b60e-3e6b21784dde
cf-cache-status: DYNAMIC
etag: W/"4d-yQ1zSo6puHLrWcuIqwLl7lEFQww"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 30 Dec 2024 16:01:02 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-credentials: true
cf-ray: 8fa33f044f894caf-PHL
access-control-allow-origin: https://membership.decathlon.com
content-length: 77
server: cloudflare

GET
H2

200

Primary Request / Show response
login.decathlon.net/
Redirect Chain

https://accounts.decathlon.com/united_membership/auth/login?locale=nl-BE
https://api-global.decathlon.net/connect/oauth/authorize?response_type=code&client_id=5a1b8ea3-cc60-40b8-a09e-f1cd4f3ded96&redirect_uri=https://accounts.decathlon.com/united_membership/auth/callbac...
https://login.decathlon.net/?client_id=5a1b8ea3-cc60-40b8-a09e-f1cd4f3ded96&ui_locales=nl_BE&correlation_id=a0fb1799-b5b7-42bf-bb17-99b5b752bfb9

4 KB
2 KB

263ms
148ms

Document
text/html

2606:4700:4400::ac40:925c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.decathlon.net/?client_id=5a1b8ea3-cc60-40b8-a09e-f1cd4f3ded96&ui_locales=nl_BE&correlation_id=a0fb1799-b5b7-42bf-bb17-99b5b752bfb9

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/assets/index-DTGWC-pF.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:925c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13868fe3449ea8da3ce7317a136a27d935d1f9278fc7d93bbcabeaa31a3cf253

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://membership.decathlon.com/nl-BE/reward/270/?SPMID=9a2c5393-651a-4843-be67-f903ebebdc83&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=auto_loyalty&utm_campaign=POINT_REDEMPTION_B_V2_2/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *.decathlon.net
cf-cache-status: DYNAMIC
cf-ray: 8fa33f08ea914cb6-PHL
content-encoding: gzip
content-security-policy: frame-ancestors none
content-type: text/html
date: Mon, 30 Dec 2024 16:01:02 GMT
last-modified: Thu, 19 Dec 2024 08:28:06 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8fa33f06dfa40f95-EWR
content-length: 0
date: Mon, 30 Dec 2024 16:01:02 GMT
expires: 0
location: https://login.decathlon.net?client_id=5a1b8ea3-cc60-40b8-a09e-f1cd4f3ded96&ui_locales=nl_BE&correlation_id=a0fb1799-b5b7-42bf-bb17-99b5b752bfb9
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-correlation-id: a0fb1799-b5b7-42bf-bb17-99b5b752bfb9
x-frame-options: DENY
x-request-id: a0fb1799-b5b7-42bf-bb17-99b5b752bfb9
x-xss-protection: 0

GET
H3 401 270
accounts.decathlon.com/united_membership/v1/rewards-catalog/ 49 B
254 B 47ms
47ms Fetch
application/json 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/rewards-catalog/270

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/assets/index-DTGWC-pF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Authorization: Bearer undefined
Referer: https://membership.decathlon.com/
Accept-Language: nl-BE
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
x-api-key: 5e8831cc-ccd5-42d2-a411-c5d838c93f76

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
cf-ray: 8fa33f058d324cb1-PHL
access-control-allow-origin: https://membership.decathlon.com
alt-svc: h3=":443"; ma=86400
content-length: 49
server-timing: cfExtPri
date: Mon, 30 Dec 2024 16:01:02 GMT
content-type: application/json
server: cloudflare
priority: u=1,i

OPTIONS
H3 200 270
accounts.decathlon.com/united_membership/v1/rewards-catalog/ 0
0 52ms
52ms Preflight 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/rewards-catalog/270

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-api-key
Access-Control-Request-Method: GET
Origin: https://membership.decathlon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-api-key, authorization, x-custom-lang
access-control-allow-methods: DELETE, POST, GET, PATCH
access-control-allow-origin: https://membership.decathlon.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8fa33f052cd74cb1-PHL
content-length: 0
date: Mon, 30 Dec 2024 16:01:02 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff

GET
H3 401 accesstoken
accounts.decathlon.com/united_membership/v1/auth/ 77 B
425 B 152ms
151ms Fetch
application/json 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/auth/accesstoken

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/assets/index-DTGWC-pF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://membership.decathlon.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
x-api-key: 643295dd-41c4-4d1c-ada2-2eca0093cd39

Response headers

x-request-id: b7c7b9a4-0b59-4821-87b9-a40b59982190
x-correlation-id: b7c7b9a4-0b59-4821-87b9-a40b59982190
cf-cache-status: DYNAMIC
etag: W/"4d-yQ1zSo6puHLrWcuIqwLl7lEFQww"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Mon, 30 Dec 2024 16:01:02 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-credentials: true
cf-ray: 8fa33f05d9a74caf-PHL
access-control-allow-origin: https://membership.decathlon.com
content-length: 77
server: cloudflare

GET
H3 401 270
accounts.decathlon.com/united_membership/v1/rewards-catalog/ 49 B
254 B 51ms
51ms Fetch
application/json 2606:4700:4400::6812:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.decathlon.com/united_membership/v1/rewards-catalog/270

Requested by

Host: membership.decathlon.com
URL: https://membership.decathlon.com/assets/index-DTGWC-pF.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Authorization: Bearer undefined
Referer: https://membership.decathlon.com/
Accept-Language: nl-BE
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
x-api-key: 5e8831cc-ccd5-42d2-a411-c5d838c93f76

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
cf-ray: 8fa33f06ce764cb1-PHL
access-control-allow-origin: https://membership.decathlon.com
alt-svc: h3=":443"; ma=86400
content-length: 49
server-timing: cfExtPri
date: Mon, 30 Dec 2024 16:01:02 GMT
content-type: application/json
server: cloudflare
priority: u=1,i

GET css2
fonts.googleapis.com/ 0
0

GET login-config.js
login.decathlon.net/config/ 0
0

GET index-VEmJu8o4.js
login.decathlon.net/assets/ 0
0

GET index-ECAOfA_e.css
login.decathlon.net/assets/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: accounts.decathlon.com
URL: https://accounts.decathlon.com/united_membership/v1/rewards/home-samples

Domain: accounts.decathlon.com
URL: https://accounts.decathlon.com/united_membership/v1/auth/check

Domain: membership.decathlon.com
URL: https://membership.decathlon.com/images/svg/sprite.svg

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Domain: accounts.decathlon.com
URL: https://accounts.decathlon.com/united_membership/v1/auth/accesstoken

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,700&display=swap

Domain: login.decathlon.net
URL: https://login.decathlon.net/config/login-config.js

Domain: login.decathlon.net
URL: https://login.decathlon.net/assets/index-VEmJu8o4.js

Domain: login.decathlon.net
URL: https://login.decathlon.net/assets/index-ECAOfA_e.css

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.decathlon.net/connect/	1970-01-21 02:27:50	Name: SESSION Value: ZjU3OTlhZmMtZmJiOC00M2ViLThjYWQtYjU0ZWFmM2VjZDdj
.decathlon.net/connect	1970-01-21 02:27:50	Name: SESSION Value: ZjU3OTlhZmMtZmJiOC00M2ViLThjYWQtYjU0ZWFmM2VjZDdj
.membership.decathlon.com/	1970-01-21 02:06:16	Name: __cf_bm Value: scozg9Idrao6BpTbhmfz1OVps2i15ECzCL.3j1Tobdo-1735574458-1.0.1.1-bTZ6BvRM4X58LiZHLB6FuBYimEjOiqvafh7r9ijwaR.Jv6CC2b8Y3WIjm9Blby.YQWCzCk80cT8shGjdOK1ayQ
.decathlon.com/	1970-01-21 06:29:45	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTk0MTg0YzktMjc4ZS02NDZkLTlmMWQtZWFlZDgxMjdkMzVlIiwiY3JlYXRlZCI6IjIwMjQtMTItMzBUMTY6MDA6NTkuMDAxWiIsInVwZGF0ZWQiOiIyMDI0LTEyLTMwVDE2OjAwOjU5LjAwMVoiLCJ2ZXJzaW9uIjpudWxsfQ==
membership.decathlon.com/	1970-01-21 10:51:50	Name: kampyle_userid Value: 100a-3c9d-dda4-67e8-5911-d0b8-e9be-329b
membership.decathlon.com/	1970-01-21 10:51:50	Name: kampyleUserSession Value: 1735574459549
membership.decathlon.com/	1970-01-21 10:51:50	Name: kampyleUserSessionsCount Value: 1
membership.decathlon.com/	1970-01-21 10:51:50	Name: kampyleSessionPageCounter Value: 2
.api-global.decathlon.net/	1970-01-21 02:06:16	Name: __cf_bm Value: 4vXnZhp4OD0hnzjxakTnMDwMLK9T57Zj2FJGP_eVZTA-1735574462-1.0.1.1-AB9c1gNCso5yH1txt86_txQr4v4H7w2pkSchFvXzPLaFaXUw8VbGGROjybz8m2Ov2JLxuYiSybJ49xOETYnzww
.login.decathlon.net/	1970-01-21 02:06:16	Name: __cf_bm Value: k5XLfGYQU2s3Wc5w68YwUHYmmHiDppJTSMUmFiNV3qg-1735574462-1.0.1.1-.76I331Q1IP7nh2RjrVnUT8cAYWFN23r1oTczMGG1D_CmwTI667wg_4ZQXNvZuzitY3.lfId94imQc7YGOxHBg
login.decathlon.net/	1970-01-21 02:07:37	Name: __cflb Value: 02DiuGQ8njiH9BeC9WhtePZS5RPbGcDGDSg7SvYm22YfN

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.decathlon.com/united_membership/v1/auth/accesstoken Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://accounts.decathlon.com/united_membership/v1/auth/accesstoken Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://accounts.decathlon.com/united_membership/v1/auth/check Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://accounts.decathlon.com/united_membership/v1/auth/accesstoken Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://accounts.decathlon.com/united_membership/v1/rewards-catalog/270 Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://accounts.decathlon.com/united_membership/v1/auth/accesstoken Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://accounts.decathlon.com/united_membership/v1/rewards-catalog/270 Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: 'self' 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline'; img-src * data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.decathlon.com
api-global.decathlon.net
click.email.decathlon.be
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
login.decathlon.net
membership.decathlon.com
npm.member.decathlon.net
resources.digital-cloud-west.medallia.com
sdk.privacy-center.org
www.googletagmanager.com
accounts.decathlon.com
fonts.googleapis.com
fonts.gstatic.com
login.decathlon.net
membership.decathlon.com
13.111.165.244
146.75.33.230
2600:9000:2510:4400:5:b7cc:d3c0:93a1
2606:4700:4400::6812:2467
2606:4700:4400::6812:29f5
2606:4700:4400::6812:2bc4
2606:4700:4400::ac40:925c
2607:f8b0:4006:809::200a
2607:f8b0:4006:80c::2003
2607:f8b0:4006:81d::2008
2a03:2880:f35a:80:face:b00c:0:3
35.190.42.188
082134e93e65b87c62f096efcada177f0b395b0e9b9a026165599bebff2073dc
08f453a357089f8458fd973e3328139911b83141edd82baf1105ff5242b56c04
13868fe3449ea8da3ce7317a136a27d935d1f9278fc7d93bbcabeaa31a3cf253
19da2fd0091864c54388e135a0af4143db9331d8a0eb58eb1d24f9f24d6ad64b
1e1b9094ae67f28fe162ae829ec8aaed95634532c87e560015848322711b4e44
1f364358b14d46a26aa3b3dc1470f39bb0eb2cf67299ffef037a8bd38e89cc69
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
32c03e31ccb36821d4e92b3fd8f5478dadf7e598b17400558786db12161c301d
3756dc67d767d8a3ff4a9644419538b702d76004cfec241f519c8adbada3b672
39c94fc4877fa8517ef8398084dd8453482c1b37d23d4f4ff8552ee1aebfc22f
56efe9a7fbbbd49d655cb412c58277f247705282e9a12720c64beacc84fbcc61
6020fc4c4ad177c7718f11458c7fe4ddfd632b0e399768d3a97ef3c8828f71fe
62dba933e5020027a5ab294d3c39de9263136b5d487bb19dcff13fdae330542f
62f2613769e26b06928d989a68159d9a6e745a3f30a366173dd3df769af7233f
ac3fc470444e6c43074861393a5b8330469579b84f3ea27f93330bd752e589ab
c0466bd57b41990c99f12b974da0b3b24cea62826022c5ac3618a5c014963e3f
c9e301af52e52886fbee6b48c9e9bcf7c76d1fb5e4a82ba7ba16582b74188840
de69e99b814eb4d0196d0998ebc13a07767102307dcc8515833643c8a2ce9f40
f765d75abfa6a89b8412ad85277d65f3bec32545732cb1d52db5fa7868f54f1b
ffc2a5c04f701fcf01abbe3e6c8769caddefbcdcfb2d6682d912bca3b983f919

login.decathlon.net Open in urlscan Pro 2606:4700:4400::ac40:925c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

83 %HTTPS

75 %IPv6

9 Domains

12 Subdomains

11 IPs

1 Countries

2228 kBTransfer

27720 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.decathlon.net Open in urlscan Pro
2606:4700:4400::ac40:925c Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

83 %
HTTPS

75 %
IPv6

9
Domains

12
Subdomains

11
IPs

1
Countries

2228 kB
Transfer

27720 kB
Size

11
Cookies

65 HTTP transactions
2 data transactions