DYNAMIC
8430b9db9e25570b-DUB
max-age=0, reload, no-cache, no-store, must-revalidate
keep-alive
gzip
block-all-mixed-content ;upgrade-insecure-requests ;default-src 'self' *.criteo.com *.criteo.net adventori.com checkoutshopper-live.adyen.com checkoutshopper-test.adyen.com *.klarnaevt.com *.klarna.com *.klarnacdn.com *.abtasty.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' *.abtasty.com *.y-track.com *.google-analytics.com *.googletagmanager.com www.googletagmanager.com vjs.zencdn.net www.google.com/recaptcha/ www.gstatic.com/recaptcha/ ui.onepay.decathlon.net *.paypal.com *.braintreegateway.com *.brightcove.net *.trylive.com *.googleapis.com sdk.privacy-center.org sdk.woosmap.com www.booxi.eu appmobile-bridge-js.s3-eu-west-1.amazonaws.com *.woosmap.com ui.onepay-qualification.decathlon.io cdn.tagcommander.com *.facebook.net *.dynatrace.com platform.commandersact.com *.commander1.com *.criteo.com *.criteo.net *.adnxs.com adventori.com www.googleadservices.com bat.bing.com *.salecycle.com *.doubleclick.net *.hotjar.com redirect3536.tagcommander.com *.oppwa.com oppwa.com checkoutshopper-live.adyen.com checkoutshopper-test.adyen.com *.klarnaevt.com *.klarna.com *.klarnacdn.com *.klarnacdn.net qanda.decathlon.com wurfl.io *.commandersact.com translate.google.com nxtck.com onepay-ui.decathlon.net *.contentsquare.net *.contentsquare.com www.youtube.com wss://*.hotjar.com *.loadbee.com production.transcript.decathlon.io development.transcript-qualification.decathlon.io via.batch.com *.dynamicyield.com *.klarnaservices.com rum.browser-intake-datadoghq.eu *.onepay-v2-commons-prod-0ywm.decathlon.io screencapture.kampyle.com screencapture-cdn.kampyle.com resources.digital-cloud.medallia.eu sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com resources.digital-cloud-west.medallia.com pay.google.com/gp/p/js/pay.js applepay.cdn-apple.com session-replay.browser-intake-datadoghq.eu safesizepublic.ucscentral.com google.com/pay creativecdn.com *.creativecdn.com *.zdassets.com *.cube-net.org *.cube-net.pub *.facebook.com *.googleadservices.com *.googleoptimize.com *.gstatic.com connect.facebook.net *.adform.net *.app.baqend.com *.bing.com *.cloudfront.net *.convertiser.com *.custhelp.com *.datadoghq.eu *.decathlon.ch *.easyence.com *.online-metrix.net *.retailrocket.net *.rtbhouse.com *.tagcommander.com *.trackjs.com *.trustcommander.net *.usabilla.com *.useinsider.com appserver-develop.app.inteliwi.se brightcove.hs.llnwd.net brightcove.vo.llnwd.net browser.sentry-cdn.com cdn.jsdelivr.net maps.googleapis.com s3-eu-west-1.amazonaws.com storage.googleapis.com trustmate.io ui.onepay.decathlon.io urldefense.proofpoint.com *.google.fr www.snrcdn.net *.google.com widget.intercom.io js.intercomcdn.com p.teads.tv h.online-metrix.net pay.datatrans.com payment.datatrans.biz payment.datatrans.swiss payment.datatrans2.biz pay.sandbox.datatrans.com pilot.datatrans.biz *.mopinion.com client.crisp.chat settings.crisp.chat view.publitas.com scripts.publitas.com https://scripts.publitas.com pagead2.googlesyndication.com;connect-src 'self' *.google-analytics.com *.analytics.google.com *.abtasty.com *.y-track.com *.woosmap.com *.brightcove.com *.paypal.com *.braintree-api.com *.braintreegateway.com *.decathlon.net *.decathlon.com *.booxi.eu api.privacy-center.org www.facebook.com *.doubleclick.net bat.bing.com browser-http-intake.logs.datadoghq.eu api.booxi.eu bf97725pbp.bf.dynatrace.com *.hotjar.com *.hotjar.io *.oppwa.com oppwa.com *.brightcove.net checkoutshopper-live.adyen.com checkoutshopper-test.adyen.com *.klarnaevt.com *.klarna.com *.klarnacdn.com *.klarnacdn.net qanda.decathlon.com booxi-api-be.appspot.com booxi-api.appspot.com sync.commander1.com *.boltdns.net *.akamaihd.net *.contentsquare.net tracking-api-4lasu2nlcq-ew.a.run.app insights.decathlon.net transaction-api-4lasu2nlcq-ew.a.run.app order-insights.decathlon.net *.googleapis.com wss://*.hotjar.com www.googletagmanager.com via.batch.com ws.batch.com production.transcript.decathlon.io development.transcript-qualification.decathlon.io *.klarnaservices.com rum.browser-intake-datadoghq.eu *.onepay-v2-commons-prod-0ywm.decathlon.io resources.digital-cloud.medallia.eu ubt-lb.digital-cloud.medallia.eu sbt-prod.kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com resources.digital-cloud-west.medallia.com https://www.google.com/pay signin.easyence.tech google.com/pay https://pay.google.com *.creativecdn.com https://session-replay.browser-intake-datadoghq.eu/api/ api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.retailrocket.net tracking.retailrocket.net manifest.prod.boltdns.net api.usabilla.com t.teads.tv cm.teads.tv uploads.intercomcdn.com h.online-metrix.net *.mopinion.com fpc.decathlon.ch client.crisp.chat storage.crisp.chat wss://client.relay.crisp.chat wss://stream.relay.crisp.chat *.dynamicyield.com *.dynamicyield.eu pagead2.googlesyndication.com;img-src 'self' data: blob: *.decathlon.com *.cube-net.org *.cube-net.pub contents.mediadecathlon.com *.google-analytics.com *.googletagmanager.com *.brightcove.com *.brightcove.net *.paypal.com prod-wt.aws.y-track.com manager.tagcommander.com *.googleapis.com *.abtasty.com *.woosmap.com www.facebook.com www.google.com www.google.es www.google.fr www.google.it www.google.nl www.google.be www.google.pl *.doubleclick.net bat.bing.com *.gstatic.com sync.commander1.com *.atdmt.com tag.goldenbees.fr *.crm4d.com *.adsrvr.org *.adnxs.com sdk.privacy-center.org checkoutshopper-live.adyen.com checkoutshopper-test.adyen.com *.klarnaevt.com *.klarna.com *.klarnacdn.com *.klarnacdn.net voucher.decathlon.net apigift.decathlon.com site.booxi.com www.mediadecathlon.com *.boltdns.net *.mediadecathlon.com *.contentsquare.net *.googleadservices.com adservice.google.com wss://*.hotjar.com via.batch.com ws.batch.com *.onepay-v2-commons-prod-0ywm.decathlon.io screencaptue-cdn.kampyle.com resources.digital-cloud.medallia.eu udc-neb.kampyle.com nebula-cdn.kampyle.com resources.digital-cloud-west.medallia.com cdn-workshop-pop.decathlon.net *.zdassets.com *.braintreegateway.com *.facebook.com *.google.ch *.google.de *.y-track.com connect.facebook.net *.adform.net *.bing.com *.cloudfront.net *.commander1.com *.commandersact.com *.convertiser.com *.custhelp.com *.decathlon.ch *.easyence.com *.online-metrix.net *.retailrocket.net *.rtbhouse.com *.seadform.net *.tagcommander.com *.trackjs.com *.trustcommander.net *.usabilla.com *.useinsider.com appmobile-bridge-js.s3-eu-west-1.amazonaws.com brightcove.hs.llnwd.net brightcove.vo.llnwd.net inteliwise-client.s3.amazonaws.com inteliwise-eu.s3.amazonaws.com maps.googleapis.com s3-eu-west-1.amazonaws.com trustmate.io ui.onepay.decathlon.io *.google.fr *.googleoptimize.com onepay-ui.decathlon.net *.google.com *.intercomcdn.com *.intercomassets.com cf-images.eu-west-1.prod.boltdns.net t.teads.tv cm.teads.tv *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-9.com *.mopinion.com client.crisp.chat image.crisp.chat storage.crisp.chat ade.googlesyndication.com;style-src 'self' 'unsafe-inline' www.booxi.eu fonts.googleapis.com *.decathlon.com *.oppwa.com oppwa.com checkoutshopper-live.adyen.com checkoutshopper-test.adyen.com *.klarnaevt.com *.klarna.com *.klarnacdn.com *.abtasty.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.mediadecathlon.com wss://*.hotjar.com scripts.publitas.com *.klarnacdn.net *.onepay-v2-commons-prod-0ywm.decathlon.io resources.digital-cloud.medallia.eu screencaptue-cdn.kampyle.com nebula-cdn.kampyle.com resources.digital-cloud-west.medallia.com *.cube-net.org *.cube-net.pub *.decathlon.net *.cloudfront.net *.decathlon.ch *.retailrocket.net *.useinsider.com trustmate.io *.google-analytics.com www.snrcdn.net *.mopinion.com client.crisp.chat *.dynamicyield.com;font-src 'self' data: *.decathlon.com fonts.gstatic.com *.oppwa.com oppwa.com *.abtasty.com qanda.decathlon.com *.googleapis.com *.gstatic.com *.klarnacdn.net *.onepay-v2-commons-prod-0ywm.decathlon.io resources.digital-cloud.medallia.eu nebula-cdn.kampyle.com resources.digital-cloud-west.medallia.com cdn-workshop-pop.decathlon.net js.intercomcdn.com *.mopinion.com client.crisp.chat;object-src view.publitas.com;base-uri 'self' *.cloudfront.net;worker-src 'self' blob: via.batch.com 'unsafe-eval' 'unsafe-inline' *.cube-net.org *.cube-net.pub ws:;media-src 'self' blob: secure.brightcove.com *.brightcove.com *.brightcove.net *.boltdns.net *.mediadecathlon.com *.criteo.com bcboltbde696aa-a.akamaihd.net *.akafms.net *.akamaihd.net *.cube-net.org *.cube-net.pub data: brightcove.hs.llnwd.net brightcove.vo.llnwd.net js.intercomcdn.com client.crisp.chat;frame-src 'self' *.youtube.com www.google.com/recaptcha/ saas.trylive.com/ site.booxi.eu/ reviews.decathlon.com www.facebook.com *.doubleclick.net *.atdmt.com c.paypal.com checkout.paypal.com www.paypal.com *.hotjar.com *.oppwa.com oppwa.com *.brightcove.net checkoutshopper-live.adyen.com checkoutshopper-test.adyen.com *.klarnaevt.com *.klarna.com *.klarnacdn.com qanda.decathlon.com reviews-collect-eu.satisphere.decathlon.net *.mediadecathlon.com view.publitas.com www.pinterest.com *.abtasty.com *.decathlon.net wss://*.hotjar.com players.brightcove.net screencapture.kampyle.com nebula-cdn.kampyle.com resources.digital-cloud.medallia.eu resources.digital-cloud-west.medallia.com pay.google.com safesizepublic.ucscentral.com *.klarnaservices.com creativecdn.com *.creativecdn.com *.cube-net.org *.cube-net.pub *.decathlon.com *.facebook.com *.google.ch *.adform.net *.cloudfront.net *.custhelp.com *.decathlon.ch *.online-metrix.net *.paypal.com *.retailrocket.net *.salecycle.com *.tagcommander.com *.useinsider.com *.google.com intercom-sheets.com pay.datatrans.com payment.datatrans.biz payment.datatrans.swiss payment.datatrans2.biz pay.sandbox.datatrans.com pilot.datatrans.biz *.mopinion.com game.crisp.chat;frame-ancestors 'self';
text/html; charset=utf-8
Wed, 10 Jan 2024 00:15:31 GMT
no-referrer-when-downgrade
cloudflare
PLAY_LANG=de; Max-Age=64000; Expires=Wed, 10 Jan 2024 18:02:11 GMT; Path=/; HTTPOnly, DKT_SESSION=buQmv6OPC/XrgQGdfpClcxrosrGWb1PZB1r2yDm5+YC/tgmVq5fStKO6G//rF3wOCuWBNnuCc433hDSCWQH002sBHq/2ONvrzb8/9fZz4dfrchtmalj0oUok0Pk1ilRt7En3IpVqvV9k+J6NZNbcns3A6ndi4FIvlVbIZc3qOww=; Max-Age=2591999; Expires=Fri, 09 Feb 2024 00:15:30 GMT; Path=/; Secure; HTTPOnly, PLAY_SESSION=1af4a5e24f5628516c8f203a55eecca06d9fc252-APISERVER=API03&JSESSIONID=CGLwuWVrDhWeapfbws8Lkagx5WIUxdI3oGg9wzUYVAGEo4bJ8tn0%21-1632841828; Path=/; Secure; HTTPOnly, ACTIVE_USER=y;Max-Age=900;HttpOnly;Secure;Path=/
max-age=15768000; includeSubDomains; preload
nosniff
SAMEORIGIN
master-only
1; mode=block
|