jdsports.co.uk

.uk crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 4271 ms crawled 2026-05-19

IE · 52.210.252.101 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: JD Sports UK - Forever Forward
Description: Shop the biggest brands online now at JD Sports ✓Free Standard Delivery ✓Students get 10% discount and earn 20% JD cash ✓ Buy Now, Pay Later
Language: en
Canonical: https://www.jdsports.co.uk/

Open Graph

url: https://www.jdsports.co.uk/
title: JD Sports UK - Forever Forward
site name: JD Sports
description: Shop the biggest brands online now at JD Sports ✓Free Standard Delivery ✓Students get 10% discount and earn 20% JD cash ✓ Buy Now, Pay Later

Technology

Server: nginx
CMS: Nuxt

Analytics

Google Analytics
Google Tag Manager

Ads

Criteo
Google Ads (DoubleClick)
Magnite
Meta Pixel
Outbrain
TikTok Pixel

Fonts

Google Fonts

Third-party hosts loaded (30)

content-ssr1.cloud.jdplc.com×34
i8.amplience.net×34
jpl.a.bigcontent.io×34
jdsports-client-resources.co.uk×7
maxcdn.bootstrapcdn.com×5
nexus.ensighten.com×4
ads.yahoo.com×3
af.monetate.net×3
analytics.tiktok.com×3
apis.google.com×3
bam.nr-data.net×3
cm.g.doubleclick.net×3
connect.facebook.net×3
content-v2-ssr.cloud.jdplc.com×3
d.monetate.net×3
f.monetate.net×3
fonts.gstatic.com×3
googletagmanager.com×3
gum.criteo.com×3
js-agent.newrelic.com×3
pixel.rubiconproject.com×3
sb.monetate.net×3
se.monetate.net×3
sync.outbrain.com×3
ui.powerreviews.com×3
ws.sessioncam.com×3
www.google-analytics.com×3
www.google.com×3
checkout-prod-new-relic.s3.amazonaws.com×1
d2tefupx1dneli.cloudfront.net×1

Social

Registration

Registrar

Team Blue Internet Services UK Limited t/a Team Blue Internet Services Limited t/a names.co.uk

Created

1997-04-30

Expires

2027-04-30 344 days left

Updated

2026-03-09

Name servers

ns-1290.awsdns-33.org.
ns-1986.awsdns-56.co.uk.
ns-439.awsdns-54.com.
ns-810.awsdns-37.net.

DNS records live

NS

ns-1290.awsdns-33.org
ns-1986.awsdns-56.co.uk
ns-439.awsdns-54.com
ns-810.awsdns-37.net

MX

10 jdsports-co-uk.mail.protection.outlook.com

TXT

Show 4 TXT records

fastly-domain-delegation-jkgwv7stqzsmp3jwwhtk-423016-2025-06-11
mandrill_verify.QMgvIFGtpMsqfTuQpbmcGA
Validity-Domain-Verification=Mi9vw6Ak/Id/xomfiDdS9TEiuzw=
amazonses:mXdixnTfuQuUqdv7yJEeJkmG3EVQ1jd5ZWTt+zZRV48=

Verified for

Apple
Google
Meta
Microsoft 365

Email authentication partial

SPF

v=spf1 include:amazonses.com include:mail.zendesk.com include:mailgun.org ~all

softfail (~all)

DMARC

v=DMARC1; p=none; pct=100; rua=mailto:dmarc@jdplc.com; ruf=mailto:dmarc@jdplc.com; fo=1

policy: none (monitoring only)

DKIM

selector1: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCoUgU5TYlB5ux4pwIz3T0PgTALquFAQXLt34EumuP3QX+TBWx3GcW/XhOSdDyH6PgPH/xuPE05Or5pQkr8Hk…

selectors probed

Certificate (current)

R12

from 2026-05-01 to 2026-07-30

Expires in 71 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked live page: https://www.jdsports.co.uk/

present

strict-transport-security
content-security-policy
x-frame-options
referrer-policy

findings

short HSTS max-age
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing content type protection
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: sameorigin
content-security-policy: frame-ancestors 'self' *.smartagent.app *.jdmesh.co *.choicestore.com http://localhost:* https://localhost:*; form-action https:; script-src https: 'unsafe-inline' 'unsafe-eval';worker-src blob:;
strict-transport-security: max-age=86400