Start Free
Tracking & Pixels

How Nike Tracks Every Visitor With 10+ Pixels, 87 Scripts & a Data Architecture Now Facing Lawsuits

Complete audit of every tracking pixel, third-party script, and consent mechanism on nike.com — plus the class-action lawsuits that allege Nike collects browsing data without consent.

Get This Report For Your Brand Continue reading
Data as of March 20, 2026 10+ tracking pixels confirmed 87 JS requests · 8.9 MB
Listen to this article
0:00 / 0:00
10+
Tracking pixels
87
JS requests per load
40+
External domains
2
Active lawsuits
5 things you'll learn in this report:
1Which tracking pixels did court filings confirm Nike embeds without consent?
2Why does nike.com fire 87 JavaScript requests totaling 8.9MB on every page load?
3What happens in the first 2 seconds when your browser hits nike.com?
4How does Nike's tracking footprint compare to other athletic ecommerce brands?
5What 5 tracking improvements can you implement from Nike's data architecture today?

First: Why Should You Care About Nike's Tracking Setup?

Court filings, security headers, and technology detection reveal what most brands hide

Because Nike's tracking setup is now a legal case study. Two class-action lawsuits allege that Nike collects browsing data without consent — and the court filings name the exact vendors involved. Understanding what happened here shows you what NOT to do (see also our full tech stack breakdown):

87

Nike.com fires 87 JavaScript requests totaling 8.9MB on every page load — that's tracking, analytics, performance monitoring, and CDN calls combined. Each script is a potential privacy liability and a performance bottleneck.

Source: Request Metrics — Web Performance Profiling: nike.com
$4.1B

Nike spent $4.1B on demand creation (advertising) in fiscal 2024. When you spend that much on ads, every pixel matters. Google, Meta, and The Trade Desk all confirmed in court filings as tracking visitors on nike.com — feeding Nike's multi-billion-dollar ad machine.

Source: Nike 10-K filing, SEC EDGAR (verified fact)
1.4 TB

In January 2026, hackers claimed to have stolen 1.4TB of Nike's internal data — 188,347 files. Nike confirmed it was investigating. Combined with two tracking lawsuits, Nike's data practices face unprecedented scrutiny from consumers, regulators, and attackers.

Source: The Register — Data thieves claim 1.4TB from Nike

The Cookie Breakdown

What Nike's confirmed tracking platforms tell us about their cookie footprint

Nike's tracking platforms each set well-known cookies with documented behaviors. Based on the platforms confirmed via court filings (Google, Meta, The Trade Desk), technology detection (GA4, New Relic, Akamai mPulse, Singular), and Nike's own privacy policy, we can map the expected cookie categories. Nike's privacy policy explicitly states they use “cookies, pixel tags, identifiers for mobile devices, and other similar technologies.”

We estimate ~40% of Nike's cookies serve advertising purposes. Court filings in Abdullah v. Nike confirm that Google, Meta, and The Trade Desk all track visitors across nike.com — each platform setting multiple cookies to build behavioral profiles for ad retargeting.

Confirmed Cookie Platforms (Verified Sources)

Cookie Name Domain Type Category Expiry Purpose
_ga .nike.com 1st Analytics 2 years Google Analytics client ID — distinguishes unique users (confirmed via webtechsurvey)
_ga_* .nike.com 1st Analytics 2 years GA4 measurement session persistence
_gid .nike.com 1st Analytics 24 hours Google Analytics session grouping
_fbp .nike.com 1st Advertising 3 months Meta Pixel — tracks visitors for ad targeting (confirmed in Abdullah v. Nike lawsuit)
_fbc .nike.com 1st Advertising 3 months Meta Pixel — stores click identifier from Facebook ads
fr .facebook.com 3rd Advertising 3 months Facebook cross-site ad delivery and retargeting
_gcl_au .nike.com 1st Advertising 3 months Google Ads conversion linker — ties clicks to conversions
TDID .adsrvr.org 3rd Advertising 1 year The Trade Desk — unified ID for programmatic ad targeting (confirmed in Abdullah v. Nike lawsuit)
TDCPM .adsrvr.org 3rd Advertising 1 year The Trade Desk — cookie matching for programmatic display
NREUM .nike.com FUNC Performance Session New Relic — real user monitoring session data (confirmed via webtechsurvey)
RT .nike.com FUNC Performance 7 days Akamai mPulse / Boomerang — page load timing data
Key Finding

Nike's Permissions-Policy HTTP header references sdk-api-v1.singular.net — confirming Singular as Nike's mobile attribution platform. This is significant because Singular tracks cross-device behavior between Nike's website and app, connecting web browsing sessions to mobile app installs and purchases. Nike's privacy policy discloses this: “We may combine information about you from your use of Nike digital experiences on a device with information from other Nike digital experiences and devices.”

This cookie audit is exactly the kind of analysis LeadMaxxing generates automatically for any ecommerce site — cookie inventory, category breakdown, expiry audit, and compliance gaps — delivered to your inbox in under 60 seconds.

Tracking Pixels & Tags

10+ distinct tracking technologies confirmed across advertising, analytics, and performance monitoring

Nike runs at least 10 distinct tracking technologies, spanning advertising pixels, analytics platforms, performance monitoring, and mobile attribution. Several were confirmed not by Nike themselves, but by plaintiffs in federal court filings. Here’s what we detected through CSP headers, public filings, and technology scanning:

Google Analytics (GA4) Meta Pixel Google Ads The Trade Desk Singular New Relic Akamai mPulse Boomerang Cookie Settings (CMP) reCAPTCHA
f
Meta Pixel
Advertising
Meta Pixel detected — ID redacted for privacy
Confirmed in Abdullah v. Nike (2025) court filings. Tracks page views, add-to-cart, and purchase events. Sends data to Meta for Facebook/Instagram ad retargeting, lookalike audiences, and conversion optimization.
Fires: PageView on every load • AddToCart • Purchase • ViewContent
G
Google Analytics 4
Analytics
Google Analytics 4 property detected
Confirmed via webtechsurvey technology detection. Core web analytics tracking sessions, page views, scroll depth, and ecommerce events. Nike's privacy policy lists Google Analytics and Google Signals as data collection tools.
Fires: page_view • scroll • click • purchase • view_item
G
Google Ads Conversion
Advertising
Google Ads conversion tag detected
Named in Nike's US privacy policy and confirmed in court filings. Measures Google Ads conversions, links ad clicks to on-site purchases, and powers automated bidding across Search, Shopping, and YouTube campaigns.
Fires: conversion on purchase • remarketing on all pages
TTD
The Trade Desk
Programmatic Advertising
The Trade Desk tracking detected — confirmed in court filings
Named in Abdullah v. Nike lawsuit (2025). The Trade Desk enables programmatic display and video advertising across thousands of publisher sites. Collects IP addresses, browsing data, and device info per the lawsuit allegations.
Fires: page_view • conversion events • audience sync
S
Singular
Mobile Attribution
Detected via Permissions-Policy header: sdk-api-v1.singular.net
Mobile attribution and marketing analytics platform. Nike’s Permissions-Policy header explicitly grants client hints (ua-model, ua-platform-version, ua-full-version-list) to Singular’s SDK API, confirming cross-device tracking between web and Nike app.
Fires: app install attribution • cross-device identity • campaign measurement
New Relic
Performance Monitoring
New Relic Browser Agent detected
Application performance monitoring (APM) and real user monitoring (RUM). Tracks page load times, JavaScript errors, AJAX calls, and session traces across Nike’s Next.js frontend. Confirmed via webtechsurvey.
Fires: continuous monitoring during page lifecycle
A
Akamai mPulse
Performance Monitoring
Akamai mPulse with Boomerang detected
Real user monitoring from Nike’s CDN provider. Boomerang.js collects Web Vitals (LCP, CLS, INP), navigation timing, and resource loading data. Feeds into Akamai’s performance dashboard for CDN optimization.
Fires: beacon on page load • resource timing • core web vitals
Google reCAPTCHA
Fraud Prevention
reCAPTCHA detected — confirmed in Nike privacy policy
Nike’s privacy policy explicitly discloses reCAPTCHA for “helping us to prevent fraud.” reCAPTCHA v3 runs silently in the background, scoring every visitor’s behavior to distinguish humans from bots — and sharing that data with Google.
Fires: continuous behavioral scoring on protected pages
Cookie Settings (CMP)
Consent Management
Cookie consent mechanism detected
Nike provides a “Cookie Settings” link in the site footer and a “Your Privacy Choices” link. The specific CMP vendor is not publicly named, but the implementation provides GDPR controls for EU visitors and CCPA opt-out for California residents.
Fires: on page load (consent check)
DigiCert TLS
Security Infrastructure
DigiCert SSL/TLS certificate detected
Enterprise TLS certificate provider securing all nike.com connections. HSTS header enforces HTTPS with includeSubDomains, ensuring all data in transit between visitors and Nike’s Akamai CDN edge nodes is encrypted.
Always active — TLS handshake on every connection

What would YOUR pixel audit look like?

Nike runs 10+ tracking technologies because they have dedicated data engineering teams managing them. Most brands don’t need that complexity. LeadMaxxing scans your site and shows you exactly which pixels are firing, which cookies are set, and where you have gaps — then gives you a single script that handles visitor identification, lead scoring, and platform syncing automatically.

Get this report for your brand →

Third-Party Script Audit

87 JavaScript requests and 72 XHR/Fetch calls on every page load

Loading nike.com triggers approximately 87 JavaScript requests totaling 8.9MB, plus 72 XHR/Fetch requests. That’s a staggering amount of third-party code executing in your browser on every visit. Here’s the breakdown by category based on detected technologies:

Third-Party Requests by Category (nike.com homepage)
Advertising & Attribution ~18 domains
Analytics & Monitoring ~10 domains
CDN & Infrastructure ~8 domains
Performance Monitoring ~4 domains
Consent & Security ~3 domains

Network Waterfall: What Loads and When

Here’s the approximate load order when your browser requests nike.com. Nike’s Akamai CDN serves the initial document, then a cascade of third-party scripts fire — performance monitors, analytics, and ad pixels all loading in the first 2 seconds:

Network Request Timeline (nike.com homepage — estimated)
nike.com (Akamai)
90ms
js-agent.newrelic.com
220ms
c.go-mpulse.net
310ms
googletagmanager.com
350ms
connect.facebook.net
520ms
match.adsrvr.org
460ms
sdk-api-v1.singular.net
540ms
www.google.com/recaptcha
380ms
*.cloudfront.net (CDN)
1.6s
s3.amazonaws.com
1.4s
How we detected these scripts

We used three methods: (1) parsing Nike’s HTTP response headers, including Content-Security-Policy and Permissions-Policy, which reveal allowed third-party domains and granted client hints; (2) technology detection via webtechsurvey and BuiltWith; and (3) court filings from Abdullah v. Nike and Magenheim & Neil v. Nike, which name specific tracking vendors. See our Tech Stack report for the full infrastructure breakdown.

Curious how many third-party domains YOUR site contacts? LeadMaxxing’s free report runs this same header + network audit on your domain and shows you exactly which vendors are loading, how they impact page speed, and which ones you can cut.

Key External Domains Contacted

ADS connect.facebook.net
ADS www.facebook.com
ADS googleads.g.doubleclick.net
ADS www.googleadservices.com
ADS match.adsrvr.org
ADS insight.adsrvr.org
ATTRIB sdk-api-v1.singular.net
ANALYTICS www.googletagmanager.com
ANALYTICS www.google-analytics.com
ANALYTICS region1.google-analytics.com
MONITOR js-agent.newrelic.com
MONITOR bam.nr-data.net
MONITOR c.go-mpulse.net
MONITOR s.go-mpulse.net
CDN ev-cn.nike.com.edgekey.net
CDN *.cloudfront.net
CDN s3.amazonaws.com
CDN fonts.googleapis.com
CDN fonts.gstatic.com
SECURITY www.google.com/recaptcha
CDN *.nikecloud.com
CDN *.nikedev.com

Consent & Compliance Analysis

Two active lawsuits, a 1.4TB data breach, and GDPR/CCPA obligations across 190+ countries

Nike faces an unprecedented convergence of privacy pressures. Two class-action lawsuits allege illegal tracking, a data breach exposed internal files, and privacy regulators in the Netherlands have already investigated Nike’s data practices. Here’s what their consent implementation looks like:

Consent Mechanism

Cookie Settings
Nike provides a “Cookie Settings” footer link and a “Your Privacy Choices” link. The specific CMP vendor is not publicly disclosed — the implementation appears custom or white-labeled

GDPR Compliance

Separate EU Policy
Nike maintains a separate EU/UK privacy policy addressing GDPR obligations. The Dutch DPA (CBP) previously investigated Nike’s Nike+ Running app for health data collection without consent

CCPA Opt-Out

Available
Nike’s US privacy policy addresses CCPA, Oregon, and Virginia privacy laws. California residents can request data deletion, opt out of data sales, and access collected data via privacy@nike.com

Legal Status

2 Lawsuits
Abdullah v. Nike (CA, 2025) and Magenheim & Neil v. Nike (FL, 2025) both allege Nike embeds tracking that collects browsing data without consent, violating CIPA and state privacy laws

The Legal Timeline

Here’s how Nike’s privacy situation has escalated:

2013 — Dutch DPA Investigation
Netherlands privacy watchdog investigates Nike+ Running app
The Dutch Data Protection Authority (CBP) found two violations: collecting health data (distance, speed, calories) without proper consent, and insufficient disclosure about indefinite data retention on Nike’s servers. Nike agreed to remedial measures.
2025 — Abdullah v. Nike (California)
Class action filed over Google, Meta, and The Trade Desk tracking
Plaintiffs allege Nike embedded tracking technologies from Google, Meta, and The Trade Desk that collect IP addresses, browsing behavior, and device information without consent — violating the California Invasion of Privacy Act (CIPA).
Dec 2025 — Magenheim & Neil v. Nike (Florida)
Second lawsuit alleges invasive tracking software installed without consent
Florida plaintiffs allege Nike installs “invasive tracking software” on visitors’ browsers that shares browsing data with third parties. This is part of a broader wave of CIPA lawsuits also targeting Estée Lauder and Luxottica.
Jan 2026 — Data Breach
WorldLeaks claims 1.4TB of Nike internal data stolen
A group called WorldLeaks claimed to have exfiltrated approximately 1.4TB (188,347 files) of Nike’s internal data. Nike confirmed it was investigating the incident, adding a data security dimension to the ongoing privacy scrutiny.
Mar 2026 — Current State
Nike’s data practices under multi-front pressure
Nike now faces active lawsuits on both US coasts, a breach investigation, and ongoing GDPR/CCPA compliance obligations across 190+ countries. The tracking infrastructure we detected in this report is the same one plaintiffs are challenging in court.
Notable Finding

Nike’s security header grade is C (4/6 headers present). While HSTS and X-Frame-Options are properly configured, Nike is missing X-Content-Type-Options and Referrer-Policy. The CSP header only restricts frame embedding (frame-ancestors) but doesn’t control script sources — meaning any script can execute on nike.com pages. For a $51B company facing data privacy lawsuits, this is a notable gap in their security posture.

Not sure if your tracking setup could trigger a lawsuit? LeadMaxxing’s compliance audit maps your tracking against current privacy regulations — so you know where you stand before a plaintiff’s lawyer does.

How Nike Compares

Enterprise-grade tracking infrastructure, but also enterprise-grade legal risk

How does Nike’s tracking footprint stack up? We compared their setup against typical ecommerce sites:

Metric Nike Avg. Ecommerce Difference
JS Requests per Page 87 ~40 +118% above avg
Total JS Size 8.9 MB ~2.5 MB +256% above avg
Tracking Pixels 10+ 5 +100% above avg
Security Headers 4/6 (C) 3/6 Above average
Mobile Attribution Singular None Enterprise tier
Active Privacy Lawsuits 2 0 High legal risk

Nike’s tracking footprint is more than 2x the industry average on script volume. But context matters: this is a $51B+ company operating in 190+ countries with both a website and a massive mobile app ecosystem. The Singular integration for cross-device attribution alone puts Nike in the top tier of tracking sophistication. The difference between Nike and a typical ecommerce brand isn’t just scale — it’s the legal exposure that comes with it. See how this connects to their email and CRM strategy and SEO approach.

Takeaway

Nike’s tracking infrastructure is what a $51B global brand’s data architecture looks like. 10+ tracking technologies, enterprise CDN, mobile attribution, and performance monitoring across web and app — all now under legal scrutiny. The question isn’t whether you need Nike’s level of tracking, it’s whether your current setup exposes you to the same risks.

Key Findings

  • → Nike.com loads 87 JavaScript requests totaling 8.9MB per page — more than 2x the ecommerce average, with advertising and attribution scripts making up the largest share (Request Metrics profiling).
  • → Court filings in Abdullah v. Nike confirm Google, Meta, and The Trade Desk are embedded on nike.com, collecting IP addresses, browsing behavior, and device information without adequate consent per the plaintiffs.
  • → Nike’s Permissions-Policy header reveals Singular (sdk-api-v1.singular.net) as their mobile attribution platform, enabling cross-device tracking between nike.com and the Nike app — a level of sophistication found in fewer than 5% of ecommerce sites.
  • → Nike’s security headers earn a C grade (4/6 present) — with no X-Content-Type-Options or Referrer-Policy, and a CSP header that only restricts frame embedding, not script sources (scraped data, March 2026).
  • → The January 2026 data breach (1.4TB claimed stolen) combined with two active tracking lawsuits makes Nike the most legally scrutinized tracking setup in athletic ecommerce.

What This Data Means for You

Turning Nike's tracking architecture into your competitive advantage

You don’t need Nike’s tracking infrastructure — and you definitely don’t want their legal exposure. But Nike’s situation is a masterclass in what happens when tracking outpaces compliance. Here’s what you can learn:

Under $5M Revenue — Start Here

Must have: GA4 + Meta Pixel + consent mechanism. Nice to have: One performance monitor (New Relic or a free alternative). Skip: Mobile attribution, programmatic DSPs, enterprise CDN. That’s 3-4 tools vs Nike’s 10+ — and it covers the essentials without legal risk.

$5M-$50M Revenue — Fill the Gaps

Add: A proper CMP (start with a free tier like Cookiebot or Osano). Consider: LeadMaxxing for unified visitor identification instead of layering multiple pixels. Key question: Can your tracking survive a CIPA lawsuit? If not, fix consent first.

The Cost Nike Pays

CDN: Akamai Enterprise ($100K+/yr). Performance: New Relic + mPulse ($50K+/yr). Attribution: Singular ($50K+/yr). Legal: Two class-action defense cases (we estimate $2M+/yr in legal fees alone). Total: we estimate $500K+/yr in SaaS and monitoring, plus significant legal costs.

The 80/20 Alternative

You don’t need 10 pixels, a mobile attribution platform, and a $100K CDN. LeadMaxxing identifies anonymous visitors, scores leads, tracks conversions, and syncs to your CRM with a single compliant script for $29/month. Get visibility without exposure.

LeadMaxxing Automates This Tracking Audit Playbook

Nike spends millions on tracking infrastructure — and millions more defending it in court. LeadMaxxing scans your site, shows you exactly which pixels are firing and where you have compliance gaps, then gives you unified, consent-compliant tracking with a single script — starting at $29/month.

Get your free tracking audit →

5 Things You Can Implement Today

Actionable lessons from Nike's tracking playbook

Run an automated cookie and pixel audit

LeadMaxxing scans your site and shows you exactly which pixels are firing, which cookies are set, and where you have gaps — the same audit you just read, generated for your domain in under 60 seconds.

Audit your consent implementation before a lawyer does

Nike’s lawsuits allege tracking without consent. LeadMaxxing’s compliance audit maps your pre-consent vs post-consent script loading — so you know exactly what fires before users opt in, and whether it puts you at risk.

Replace siloed pixels with unified tracking

Nike layers Google, Meta, The Trade Desk, and Singular on top of each other. LeadMaxxing gives you a single script that handles visitor identification, lead scoring, and platform syncing — fewer scripts, less legal surface area, better performance.

Check your security headers

Nike scores a C. Missing headers like X-Content-Type-Options and Referrer-Policy create attack surface. LeadMaxxing’s tech stack report grades your security posture and shows you exactly which headers to add.

Supercharge Your Leads with LeadMaxxing

Get a free LeadMaxxing account and start supercharging your leads. Start free →

Free — No credit card required

Get This Analysis For Your Brand FREE
When You Create A Free LeadMaxxing Account

Create a free LeadMaxxing account and we’ll generate a full competitive analysis for YOUR brand. The same intelligence you just read — comparison with competitors, actionable strategies, and AI-powered recommendations.

Auto-generated brand report Competitor comparison Strategy recommendations AI-powered insights Free LeadMaxxing account to supercharge your leads
Get Free Report + Account → Free plan includes visitor tracking, lead scoring, and AI chat. Paid plan $29/month for full access.

More Nike Intelligence

Tracking & Privacy for Similar Brands

Sources & References

Nike US Privacy Policy — Nike’s official privacy policy confirming use of cookies, pixel tags, mobile identifiers, Google Analytics, Google Signals, reCAPTCHA, and third-party ad services.
agreementservice.svs.nike.com
Top Class Actions — Abdullah v. Nike — Class action lawsuit alleging Nike embeds tracking from Google, Meta, and The Trade Desk without consent, violating CIPA.
topclassactions.com
Request Metrics — Performance Profiling: nike.com — Independent performance analysis showing 87 JS requests (8.9MB) and 72 XHR/Fetch calls per page load.
requestmetrics.com
webtechsurvey — nike.com Technology Profile — Technology detection confirming Google Analytics, New Relic, Akamai mPulse, Boomerang, Next.js, React, and DigiCert.
webtechsurvey.com
The Register — Nike Data Breach (Jan 2026) — Report on WorldLeaks claiming 1.4TB (188,347 files) of stolen Nike data. Nike confirmed investigation.
theregister.com
National Law Review — Dutch DPA Investigation — Netherlands privacy watchdog investigation into Nike+ Running app health data collection.
natlawreview.com
Nike.com HTTP Headers & DNS Analysis — Security headers (C grade, 4/6), Permissions-Policy (Singular SDK), CSP (frame-ancestors), HSTS, and DNS records parsed via automated scan on March 20, 2026.

Frequently Asked Questions

What tracking pixels does Nike use on nike.com?
Nike uses at least 10 tracking technologies on nike.com. Confirmed via court filings and technology detection: Google Analytics 4, Google Ads, Meta Pixel, The Trade Desk, and Singular (mobile attribution, detected via Permissions-Policy header). Performance monitoring includes New Relic and Akamai mPulse/Boomerang. Nike’s privacy policy also confirms the use of cookies, pixel tags, and mobile device identifiers for advertising and analytics.
Has Nike been sued over its website tracking?
Yes. Nike faces at least two class-action lawsuits over its tracking practices. Abdullah v. Nike (California, 2025) alleges Nike embedded tracking from Google, Meta, and The Trade Desk that collects IP addresses, browsing data, and device info without consent, violating CIPA. Magenheim & Neil v. Nike (Florida, December 2025) alleges Nike installs invasive tracking software on visitors’ browsers and shares data with third parties without consent.
What consent management does Nike use for cookies?
Nike provides a “Cookie Settings” link in its website footer and a “Your Privacy Choices” link for managing tracking preferences. Nike’s privacy policy references cookie consent controls, but the specific CMP vendor is not publicly named. The implementation provides GDPR controls for EU visitors and CCPA opt-out rights for California residents via a dedicated privacy request process.
How many JavaScript requests does nike.com make?
Nike.com loads approximately 87 JavaScript requests totaling 8.9MB, plus 72 XHR/Fetch requests during page load, according to Request Metrics performance profiling. This indicates extensive third-party integrations across analytics, advertising, performance monitoring, and CDN infrastructure including Akamai, Amazon CloudFront, and AWS.
What CDN and infrastructure does Nike use?
Nike.com runs on a sophisticated infrastructure stack. The CDN layer includes Akamai (primary), Amazon CloudFront, and Amazon S3. The frontend is built with Next.js and React (v17.0.2) on Node.js. DNS records show the domain resolves through ev-cn.nike.com.edgekey.net, confirming Akamai as the primary CDN. Performance monitoring uses New Relic and Akamai mPulse with Boomerang.
Was Nike involved in a data breach?
In January 2026, a group called WorldLeaks claimed to have stolen approximately 1.4TB (188,347 files) of Nike’s internal data. Nike confirmed it was investigating the incident. This event, combined with the tracking lawsuits, puts Nike’s data practices under heightened scrutiny from both regulators and consumers.
What security headers does nike.com have?
Nike.com scores a C grade on security headers, with 4 out of 6 key headers present. Present: Strict-Transport-Security (HSTS with includeSubDomains), Content-Security-Policy (frame-ancestors only), X-Frame-Options (sameorigin), and Permissions-Policy (referencing Singular SDK). Missing: X-Content-Type-Options and Referrer-Policy. The CSP header is notably narrow — only restricting frame embedding rather than controlling script sources.
How does Nike's tracking compare to other athletic brands?
Nike’s tracking footprint is among the most extensive in athletic ecommerce. With 87 JavaScript requests and 8.9MB of JS per page load, Nike significantly exceeds the typical ecommerce average. The key differentiator is Nike’s enterprise-grade infrastructure: Akamai CDN, AWS backend, Singular for mobile attribution, and separate tracking for web and app experiences. This level of sophistication reflects Nike’s $51B+ annual revenue and multi-channel advertising operation.
Compiled by LeadMaxxing — we track how brands build, test, and optimize their marketing so you can learn from the best.