www.haleon.com Open in urlscan Pro
2606:4700::6812:1356 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://haleon.com/
Effective URL:
https://www.haleon.com/
Submission: On October 25 via api (October 25th 2023, 9:50:06 pm UTC) from KZ — Scanned from GB

Summary HTTP 141 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 141 HTTP transactions. The main IP is 2606:4700::6812:1356, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.haleon.com. The Cisco Umbrella rank of the primary domain is 504811.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 14th 2023. Valid for: a year.

This is the only time www.haleon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	85.90.236.47 85.90.236.47	15830 (EQUINIX) (EQUINIX)
86	2606:4700::68... 2606:4700::6812:1356	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2.17.100.194 2.17.100.194	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
13	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.238.243.125 18.238.243.125	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2600:1f14:5db... 2600:1f14:5db:eb00:9c56:7ebd:15bd:cb0a	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
141	16

1 85.90.236.47 (Netherlands) 1 redirects

ASN15830 (EQUINIX, NL)

haleon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

86 2606:4700::6812:1356 (United States)

ASN13335 (CLOUDFLARENET, US)

www.haleon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2.17.100.194 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-194.deploy.static.akamaitechnologies.com

irs.tools.investis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

api.websitecarbon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.243.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-125.ams58.r.cloudfront.net

cdn.addevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f14:5db:eb00:9c56:7ebd:15bd:cb0a (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

a-cf65.ch-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
87	haleon.com 1 redirects haleon.com — Cisco Umbrella Rank: 348024 www.haleon.com — Cisco Umbrella Rank: 504811	9 MB
17	userway.org cdn.userway.org — Cisco Umbrella Rank: 4730 api.userway.org — Cisco Umbrella Rank: 4698	165 KB
16	investis.com irs.tools.investis.com — Cisco Umbrella Rank: 98980	459 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 385	181 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	68 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 925	61 KB
1	ch-static.com a-cf65.ch-static.com — Cisco Umbrella Rank: 189678	1 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 655	314 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
1	addevent.com cdn.addevent.com — Cisco Umbrella Rank: 32097	8 KB
1	websitecarbon.com api.websitecarbon.com — Cisco Umbrella Rank: 466818	599 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	102 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1102	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1113	7 KB
141	14

	Domain	Requested by
86	www.haleon.com	www.haleon.com
16	irs.tools.investis.com	www.haleon.com irs.tools.investis.com
13	cdn.userway.org	www.haleon.com cdn.userway.org
10	cdn.cookielaw.org	www.googletagmanager.com www.haleon.com cdn.cookielaw.org
4	api.userway.org	www.haleon.com cdn.userway.org
2	www.youtube.com	www.haleon.com www.youtube.com
2	code.jquery.com	irs.tools.investis.com
1	a-cf65.ch-static.com
1	geolocation.onetrust.com	www.haleon.com
1	fonts.googleapis.com	client
1	cdn.addevent.com	www.haleon.com
1	api.websitecarbon.com	unpkg.com
1	www.googletagmanager.com	www.haleon.com
1	unpkg.com	www.haleon.com
1	static.cloudflareinsights.com	www.haleon.com
1	haleon.com	1 redirects
141	16

This site contains links to these domains. Also see Links.

Domain
www.investis-live.com
otp.investis.com
www.instagram.com
www.youtube.com
www.google.com
www.linkedin.com
websitecarbon.com
supplier.haleon.com
www.terms.haleon.com
www.privacy.haleon.com
health1.aetna.com
transparency-in-coverage.uhc.com
privacy.haleon.com
www.onetrust.com

Subject Issuer	Validity	Valid
haleon.com Cloudflare Inc ECC CA-3	`2023-03-14` - `2024-03-12`	a year	crt.sh
irs.tools.investis.com R3	`2023-09-05` - `2023-12-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
api.websitecarbon.com Cloudflare Inc ECC CA-3	`2023-07-04` - `2024-07-03`	a year	crt.sh
*.addevent.com Amazon RSA 2048 M02	`2023-07-29` - `2024-08-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
a-stage-cf65.ch-static.com Sectigo RSA Organization Validation Secure Server CA	`2023-09-04` - `2024-09-03`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.haleon.com/
Frame ID: F4DE258B8B95797999EA84D42DE21A4A
Requests: 122 HTTP requests in this frame

Frame: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
Frame ID: 76104761ADA5DA989F26C03DAC47D3F1
Requests: 9 HTTP requests in this frame

Frame: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
Frame ID: 168F4BA4CA0F20C89DEA02648306D35A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - HaleonBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://haleon.com/ HTTP 301
https://www.haleon.com/ Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

141
Requests

100 %
HTTPS

81 %
IPv6

14
Domains

16
Subdomains

16
IPs

3
Countries

9797 kB
Transfer

12418 kB
Size

5
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.investis-live.com/haleon/651bdd3437a2c50c003b65e8/hdrt
Title: here

Search URL Search Domain Scan URL

URL: http://otp.investis.com/generic/regulatory-story.aspx?newsid=1725721&cid=2805
Title: Director/PDMR Shareholding

Search URL Search Domain Scan URL

URL: http://otp.investis.com/generic/regulatory-story.aspx?newsid=1724580&cid=2805
Title: Director/PDMR Shareholding

Search URL Search Domain Scan URL

URL: http://otp.investis.com/generic/regulatory-story.aspx?newsid=1724181&cid=2805
Title: Holding(s) in Company

Search URL Search Domain Scan URL

URL: http://otp.investis.com/generic/regulatory-story.aspx?newsid=1720464&cid=2805
Title: Director/PDMR Shareholding

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CyQWIH9MWZN/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CyF2OKsMlII/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/CyDbvuvOL0V/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/CyxrjRtuNQt/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/CyiJjkbOgn8/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CyVgmu0s-2g/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=httewgxVBJs

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=3idh0paME5E

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=oeR2kd7BIgo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=_gpab_95zWs

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=8lKTRoEip6s

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=d2F_Gt5ABiE

Search URL Search Domain Scan URL

URL: https://www.google.com/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/haleon/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCeRp3iDRROr1lj1jkXScycA
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/haleon
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://websitecarbon.com/
Title: Website Carbon

Search URL Search Domain Scan URL

URL: https://supplier.haleon.com/irj/portal/public?guest_user=SUP_GUEST_EN
Title: Supplier portal

Search URL Search Domain Scan URL

URL: https://www.terms.haleon.com/en-gb/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.privacy.haleon.com/en-gb/
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://health1.aetna.com/app/public/#/one/insurerCode=AETNACVS_I&brandCode=ALICSI/machine-readable-transparency-in-coverage?searchTerm=111579681&lock=true
Title: Aetna

Search URL Search Domain Scan URL

URL: https://transparency-in-coverage.uhc.com/
Title: United Healthcare

Search URL Search Domain Scan URL

URL: https://privacy.haleon.com/en-gb/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://haleon.com/ HTTP 301
https://www.haleon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

141 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.haleon.com/
Redirect Chain

http://haleon.com/
https://www.haleon.com/

104 KB
17 KB

300ms
52ms

Document
text/html

2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ecd5d9645b33877cb4f9533ab65712c73469ec893e12cfba0de4342fbd53c4c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 111576
bsg-cdn: P
cache-control: public, max-age=86400
cf-cache-status: HIT
cf-ray: 81bdac2b8b0163fa-LHR
content-encoding: br
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
content-type: text/html; charset=UTF-8
date: Wed, 25 Oct 2023 21:49:58 GMT
expires: Thu, 26 Oct 2023 21:49:58 GMT
last-modified: Tue, 24 Oct 2023 14:48:52 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: text/html; charset=UTF-8
Location: https://www.haleon.com/

GET
H2 200 NewHeroAccess-Regular.woff
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/ 89 KB
91 KB 55ms
49ms Font
application/font-woff 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/NewHeroAccess-Regular.woff

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f648b3d8294708a4d777f4596f336f639190b1ed7e5656a81d2f2bd9fc93f218

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707839
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"165b8-60525d6d6d6b8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff
cache-control: public, max-age=86400
cf-ray: 81bdac2bebb563fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 NewHeroAccess-Medium.woff2
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/ 82 KB
82 KB 109ms
104ms Font
text/plain 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/NewHeroAccess-Medium.woff2

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc9866372cf9a1322d0d62a36e81b1a7222afa4042ecd7d07fbd19fd9afcd76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707839
content-length: 83488
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"14620-60525d6d6ee29"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81bdac2c2c2363fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 NewHeroAccess-ExtraBold.woff2
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/ 83 KB
84 KB 105ms
99ms Font
text/plain 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/NewHeroAccess-ExtraBold.woff2

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b56b79f8811aa833678c36f8c604be4bcce447ffde377b1faf4c311eb55154e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707839
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=ec4ZaItSkFp.ERbBsQkaWsv_MLehzNvE6SRhcO35hb8-1698270599-0-Afm8vozRLrL7UE7A57u7FsAueTINeF0dg6fm4f5Kj3tt2LL_tLLmtNrzeJXIjJZEYRdLqPG-bzo8Za81tsyUGjggOQD0OebI2BOPYnoWor4tIXduEjMKJvg6OpT15S7n3AQGe6CU8oalK7Tc-vkvdZc; report-to cf-csp-endpoint
content-length: 84964
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"14be4-60525d6d75eb5"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=ec4ZaItSkFp.ERbBsQkaWsv_MLehzNvE6SRhcO35hb8-1698270599-0-Afm8vozRLrL7UE7A57u7FsAueTINeF0dg6fm4f5Kj3tt2LL_tLLmtNrzeJXIjJZEYRdLqPG-bzo8Za81tsyUGjggOQD0OebI2BOPYnoWor4tIXduEjMKJvg6OpT15S7n3AQGe6CU8oalK7Tc-vkvdZc"}],"group":"cf-csp-endpoint","max_age":86400}
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81bdac2c2c2463fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 NewHeroAccess-Bold.woff2
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/ 82 KB
84 KB 105ms
99ms Font
text/plain 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/NewHeroAccess-Bold.woff2

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5688f846fd633221837db3a7eb942ffd99400a2b9217a9596e2709639b988551

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707839
content-length: 84304
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"14950-60525d6d724d9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81bdac2c2c2563fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/ 269 KB
25 KB 51ms
46ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89834dd0fe4e0c7d9e0daed8791c5ff5001b206c133de248a17235698e471dc3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origSize=278569
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Wed, 20 Sep 2023 09:34:19 GMT
server: cloudflare
etag: W/"44029-605c7146b6e50"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2bebb863fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 site.min.44a1783be8e88dc73188908af6c38c01.css
www.haleon.com/etc.clientlibs/core/wcm/components/accordion/v1/accordion/clientlibs/ 185 B
186 B 52ms
47ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/core/wcm/components/accordion/v1/accordion/clientlibs/site.min.44a1783be8e88dc73188908af6c38c01.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b4673602d2d5d718b1ebbcd2e49f1028661f5e6f2f462aa1a4da27f4d10e493

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origSize=188
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"bc-60525d6d76e55"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2bebba63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 site.min.59c0d61dcf5eacb237a83816c6996ebd.css
www.haleon.com/etc.clientlibs/core/wcm/components/carousel/v1/carousel/clientlibs/ 551 B
435 B 49ms
45ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/core/wcm/components/carousel/v1/carousel/clientlibs/site.min.59c0d61dcf5eacb237a83816c6996ebd.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f7ca0c1323ebddec95121eeae89e118bfacec9cc6aa933846076affd7b4c577

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origSize=559
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"22f-60525d6d77a0d"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2bebbb63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.d54c23ba76bd8648119795790ae83779.css
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/tabs/v1/tabs/ 304 B
269 B 50ms
45ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/tabs/v1/tabs/clientlibs.min.d54c23ba76bd8648119795790ae83779.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8cd6b278a09b126e1c5a5da368c0c97138484f3663ed0582c95670ea6fe6826

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origSize=308
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"134-60525d6d6d5fc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2bebbf63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 vendor-clientlibs.min.e48599f4428c69904e136629273e7091.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/ 18 KB
5 KB 51ms
47ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/vendor-clientlibs.min.e48599f4428c69904e136629273e7091.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e16402cfb85a3d41688fa6d288b283bccba48986fd8354e0bf9abd4b7ebec385

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origSize=19065
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"4a79-60525d6d73c49"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2bebc263fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.d41d8cd98f00b204e9800998ecf8427e.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/homepage/ 0
79 B 99ms
94ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/homepage/clientlibs.min.d41d8cd98f00b204e9800998ecf8427e.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
content-length: 0
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"0-60525d6d753b9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81bdac2bebc363fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.fdbbf601711ed1a8af4ec660abfffe5a.css
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/sitesearch/searchfield/ 594 B
350 B 99ms
95ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/sitesearch/searchfield/clientlibs.min.fdbbf601711ed1a8af4ec660abfffe5a.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4763209eb337b9e86a4226963cd91e9c9716c4a7acf8c1beab49a316bd8a73d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origSize=611
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"263-60525d6d72035"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2bebc463fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 site.min.b104a4a85c21511ada13e2c6e7552d37.css
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/image/clientlibs/ 29 B
215 B 53ms
49ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/image/clientlibs/site.min.b104a4a85c21511ada13e2c6e7552d37.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34a8d4f240f1b7a01d0472d5367e1bc57e17f70a12a91aae37dcac3b33b24732

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
content-length: 29
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"1d-60525d6d77625"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81bdac2bebc663fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.678529bdf3a4377ad53eddfaad041267.css
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/video/damvideo/ 743 B
430 B 102ms
98ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/video/damvideo/clientlibs.min.678529bdf3a4377ad53eddfaad041267.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bf9acb0de9cb27fe4c9fc53b2e92eb344ab66bc2573827d439e0608f3a9cadc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origSize=751
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"2ef-60525d6d79df1"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2c1c0e63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.6897d8e0a27f11fa1dbe78b6e085b0e1.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/pageteaser/ 23 KB
2 KB 100ms
96ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/pageteaser/clientlibs.min.6897d8e0a27f11fa1dbe78b6e085b0e1.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6548dd8235f42fb79c1d59f7c37670bb011ad62038b168b3cfee4d1b6883fd6c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origSize=24118
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"5e36-60525d6d76f11"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2c1c1063fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.4fd3a51fcf4962f55d1eea4adb2f7ba9.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/html/ 20 B
218 B 101ms
97ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/html/clientlibs.min.4fd3a51fcf4962f55d1eea4adb2f7ba9.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

035d882223386d31a5b48ae230cd3df1021fd24d44343f70a736a6a7bcdb4b88

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
content-length: 20
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"14-60525d6d74f15"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81bdac2c1c1363fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.5cd5a56b39ebec7681cc5e9152b5f47d.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/banner/ 29 KB
4 KB 100ms
97ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/banner/clientlibs.min.5cd5a56b39ebec7681cc5e9152b5f47d.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aef98e3d57572ea20afe6d4af530e763d83fd029326b68f428aa96c5ba669ad1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origSize=29694
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"73fe-60525d6d7723d"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2c1c1463fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.a2b4aee63ff94bd02397e38cf5432ae6.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/ 31 KB
3 KB 104ms
100ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/clientlibs.min.a2b4aee63ff94bd02397e38cf5432ae6.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db645e8a34bfffb0cfc4ec884f717ad9fded1099ca09b8c1f82bd938bbf8069b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origSize=31979
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"7ceb-60525d6d7f7c9"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2c1c1663fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.c923337d667ea8364c55828ba6b46549.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/homepagecarousel/ 31 KB
3 KB 105ms
101ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/homepagecarousel/clientlibs.min.c923337d667ea8364c55828ba6b46549.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1ba5b02a9c381541fa4fb0479665301b6881bc359340cf9ff584583ee90996

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origSize=32402
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"7e92-60525d6d78a69"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2c1c1863fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.dd826a69e65a21603dd5871e2bb6d9b4.css
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/eventlist/ 235 B
169 B 102ms
99ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/eventlist/clientlibs.min.dd826a69e65a21603dd5871e2bb6d9b4.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e60e49d3328e106e0df7b7aa5eb36b88b777a29c8bcea6627d1bb8d795c5bfa3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"eb-60525d6d7a505"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2c1c1963fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.a879a31d6f0fa8445d70dce3c52aa3bd.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/eventteaser/ 18 KB
2 KB 101ms
98ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/eventteaser/clientlibs.min.a879a31d6f0fa8445d70dce3c52aa3bd.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbb6372b9e70140f4cf9362f1f52ea17423e8e28376e583d2aae443b5521e4ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origSize=18827
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"498b-60525d6d776e1"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2c1c1a63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.3718f1450fed9d1c004a8e2e803e54ff.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/decorator/ 13 KB
1 KB 103ms
100ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/decorator/clientlibs.min.3718f1450fed9d1c004a8e2e803e54ff.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cac7673ef34ddada4514379e77e8eee49c1145f524b784b77b70e0cc9f2fdb4d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origSize=13659
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"355b-60525d6d772f9"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2c1c1c63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.bb9df32a5be3b6ed8a16e78e90fed53f.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/documentteaser/ 15 KB
3 KB 105ms
102ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/documentteaser/clientlibs.min.bb9df32a5be3b6ed8a16e78e90fed53f.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79dda5754be6e76106e2a3802d620eec731e240177c251cc0d78a2e77fa450ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origSize=15725
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"3d6d-60525d6d76685"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2c2c1f63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.04c4d0fd87abf4752acfee604d688732.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/socialfeed/ 13 KB
1 KB 107ms
104ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/socialfeed/clientlibs.min.04c4d0fd87abf4752acfee604d688732.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0df089003b2c47a822fd1a10a7c65e4dd7bc0d731bad9327ebc497077e68bf0e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origSize=13192
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"3388-60525d6d724d9"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2c2c2063fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.48c35c8c670ffed2ca53e69d66cd7026.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/haleonvideo/ 14 KB
2 KB 104ms
102ms Stylesheet
text/css 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/haleonvideo/clientlibs.min.48c35c8c670ffed2ca53e69d66cd7026.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3039f3728c31674c002c88b2ab7b915cf6d1c6d4d3eaa9aff2a6170bd6e19781

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origSize=14682
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"395a-60525d6d7acd5"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 81bdac2c2c2263fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H/1.1 200
OK ticker_lse.aspx Show response
irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ Frame 7610 10 KB
4 KB 282ms
132ms Document
text/html 2.17.100.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

2a025f87b040f3437bf045e7ffcb4b11abb2023ce2b94938a54674186277fb82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: private, max-age=84
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3179
Content-Type: text/html; charset=utf-8
Date: Wed, 25 Oct 2023 21:49:59 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK ticker_nyse.aspx Show response
irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ Frame 168F 10 KB
4 KB 369ms
220ms Document
text/html 2.17.100.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

3a914008ab8ee787c3d3593b8db98c491b1a3526f3c43e919452e7ce0062d2b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3152
Content-Type: text/html; charset=utf-8
Date: Wed, 25 Oct 2023 21:49:59 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 Mask%20Group%2016.png
www.haleon.com/content/dam/compass-group/corporate/group-foundation/ 107 KB
107 KB 100ms
99ms Image
image/webp 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/compass-group/corporate/group-foundation/Mask%20Group%2016.png

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200f9498057b19d371e5bc177ed1e7efb4c830dca8c89b329054d89c4c305185

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707839
cf-polished: origFmt=png, origSize=219047
content-disposition: inline; filename="Mask%20Group%2016.webp"
content-length: 109708
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: "357a7-60525d6d8358e"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81bdac2c2c2763fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 rocket-loader.min.js Show response
www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 80ms
80ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Oct 2023 18:17:19 GMT
server: cloudflare
etag: W/"6532c42f-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 81bdac2c2c2963fa-LHR
expires: Fri, 27 Oct 2023 21:49:59 GMT

GET
H2 206 Home%20banner%20new%20at%2018%20March.mp4
www.haleon.com/content/dam/haleon/corporate/videos/ 3 MB
3 MB 85ms
85ms Media
video/mp4 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/dam/haleon/corporate/videos/Home%20banner%20new%20at%2018%20March.mp4

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ffbd4d3e1e06635d9f6a34f3be4415629561f9814f962660d09820ae43b55d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707839
Content-Range: bytes 0-2954349/2954350
Content-Length: 2954350
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:12 GMT
server: cloudflare
etag: W/"2d146e-60525d69b09f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: video/mp4
cache-control: public, max-age=86400
cf-ray: 81bdac2c2c2a63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 206 Haleon-homepage-ambient-video.mp4
www.haleon.com/content/dam/haleon/corporate/videos/home/ 2 MB
2 MB 83ms
82ms Media
video/mp4 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/dam/haleon/corporate/videos/home/Haleon-homepage-ambient-video.mp4

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c9dccb4b346171249ab7713c475e99dba8b2a662f6318dfc6a1baa8ab8deeda

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707839
Content-Range: bytes 0-2551562/2551563
Content-Length: 2551563
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:15 GMT
server: cloudflare
etag: W/"26ef0b-60525d6c07c00"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: video/mp4
cache-control: public, max-age=86400
cf-ray: 81bdac2c2c2b63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 156ms
69ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 81bdac2c9c7a5279-LHR

GET
H2 200 search-whote.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 698 B
2 KB 47ms
46ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/search-whote.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9987f99bfa55d6d51302d96e85f37a37c2ab7ba366fbb509485dc11c68c98e78

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"2ba-60525d6db8151"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cdd9e63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 haleon-logo-black.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/logos/ 1 KB
764 B 52ms
51ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/logos/haleon-logo-black.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b75c3954d032885ad697300a73e46e5f48c1e0d772f12ffd1ae339abbc6fa92e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"572-60525d6dbac49"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cdd9f63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 chat-black.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 725 B
600 B 50ms
50ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/chat-black.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c34bd9f319c12b02336e55608d2b8eef829ed50801f77c8a349d31f5041b398

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:17 GMT
server: cloudflare
etag: W/"2d5-60525d6e13700"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cdda063fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 chevron-down-white.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 241 B
291 B 52ms
51ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/chevron-down-white.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d384f7743cae8817db5da0fb9f5f9d8c5a5e55a731f2db982c3acec36a9d8b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"f1-60525d6db9d64"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cdda163fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 ellipse-primary.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 150 B
831 B 68ms
67ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ellipse-primary.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/clientlibs.min.a2b4aee63ff94bd02397e38cf5432ae6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2e74960a8a898f89f24941c026b6287a467658c5b4da39b59247020336c1a07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/clientlibs.min.a2b4aee63ff94bd02397e38cf5432ae6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=ppO2nQN38Sqf4W7D3WL9zefiV70et0aGfAHXEolFxdQ-1698270599-0-AfrBcSjULsuAiRxUV7YA6xK1pqhzahMHFl3Dd-mNoAtXo5jD4bvkrvQxAXPHyZhE94TDByTllknmjB7pak3PgWVSdH_u4ech6GBr9Eif9QgGo7RYVWiJW0yQDVPjRy-cZ0wTOLrkNq3Jv9_XLKfFAmw; report-to cf-csp-endpoint
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:14 GMT
server: cloudflare
etag: W/"96-60525d6b92839"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=ppO2nQN38Sqf4W7D3WL9zefiV70et0aGfAHXEolFxdQ-1698270599-0-AfrBcSjULsuAiRxUV7YA6xK1pqhzahMHFl3Dd-mNoAtXo5jD4bvkrvQxAXPHyZhE94TDByTllknmjB7pak3PgWVSdH_u4ech6GBr9Eif9QgGo7RYVWiJW0yQDVPjRy-cZ0wTOLrkNq3Jv9_XLKfFAmw"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=86400
cf-ray: 81bdac2cdda363fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 arrow-right-black.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 300 B
316 B 53ms
53ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/arrow-right-black.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81b4a2adfc76117d0256043a62c129bdfefe4b3e34a6ed2de57bb1ce6256bd9a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"12c-60525d6dc1a64"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cdda663fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 markers-updated.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 3 KB
593 B 57ms
57ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/markers-updated.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c80f3db5489eadbd2d3a4b8cf98978aff1b90db06ef23008241edaa559c86786

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"a1c-60525d6db8dc4"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cddaa63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 arrow-right-primary.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 302 B
296 B 66ms
65ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/arrow-right-primary.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dd0f3e033d80405477270245bb83a641baa1a81d708ac7c5e2bf0a3b576ca5e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"12e-60525d6dbb419"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cddaf63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 plus-black.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 179 B
254 B 55ms
55ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/plus-black.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/eventteaser/clientlibs.min.a879a31d6f0fa8445d70dce3c52aa3bd.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e021b59b27e1e081e5d25c2d614c05f9b4ce2a0edb84a23e98cf31b5e0436ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/eventteaser/clientlibs.min.a879a31d6f0fa8445d70dce3c52aa3bd.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 90455
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Sun, 24 Sep 2023 09:14:05 GMT
server: cloudflare
etag: W/"b3-6061743728fd0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cddb063fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 vector-decoration-light-bg.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 2 KB
605 B 59ms
58ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/vector-decoration-light-bg.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e147ca0efc3c14a9e0bf601fee78dd84b18c86db73a33817e38c1d07bfe9b897

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:18 GMT
server: cloudflare
etag: W/"71e-60525d6f54328"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cedb263fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 tabs-social-insta.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 4 KB
1 KB 53ms
52ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/tabs-social-insta.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01121bfad4c15fc0e8db695a9779024cf7755127c028f5c41439e3609d6a91ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"e40-60525d6dbcb89"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cedb363fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 tabs-social-youtube.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 791 B
593 B 64ms
63ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/tabs-social-youtube.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03f9a9031521db22aa1520725af9a9b6b8bf84ac9e9caea649c4ab3fc6310dc6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"317-60525d6dbcf71"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cedb463fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 tabs-social-linkedin.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 775 B
509 B 60ms
59ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/tabs-social-linkedin.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

398720e3e7d4564d0daef4d432c932010b4e1ddf708f3443b6d5a365369a0db4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"307-60525d6dba861"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cedb563fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 social-instagram.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 3 KB
1 KB 53ms
52ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/social-instagram.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d0bedd13ec03fef9edc37227bfbc71d664c5c211aaf40cac957ec13e1c16eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"cac-60525d6dc02f4"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cedb863fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 social-youtube.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 593 B
2 KB 57ms
56ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/social-youtube.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b44f42d94dd7530765f21f5b9fd7e853ce19755f00ff5f1f53644a3098d3755d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"251-60525d6dbfb24"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cedb963fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 social-linkedin.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 771 B
527 B 59ms
58ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/social-linkedin.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ecae12ea823621b56a17fe50671c924076305b61d18e08514a18898cec86d05

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"303-60525d6dc1d91"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cedba63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 privacyoptions.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 2 KB
858 B 69ms
69ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/privacyoptions.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86f2eb97cc1f3909c12e4512de9e267215d94ac5aaee9393d0f007f18c34e8ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:18 GMT
server: cloudflare
etag: W/"701-60525d6f55a98"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cedbc63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 arrow-right-tertiary.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 302 B
2 KB 61ms
61ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/arrow-right-tertiary.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

745b2fc2bb216a82145cd6c35e63410fc0634e7e65fa50485a851c43e6789978

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:09 GMT
server: cloudflare
etag: W/"12e-60525d664a71c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac2cedbd63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 Haleon-4466.jpg
www.haleon.com/content/dam/haleon/corporate/images/our-impact/ 212 KB
213 KB 47ms
47ms Image
image/jpeg 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/our-impact/Haleon-4466.jpg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72b9760e75abde5f4ac7f7879ddcffb9d4eda4ba310147588c007f2bf1b0b701

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1706911
cf-polished: origSize=217410
content-length: 217402
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Sep 2023 09:12:19 GMT
server: cloudflare
etag: W/"35142-60525d7055533"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81bdac2d0e1863fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 site.min.337fa8abe56ed821e49dc6e2baf9ee44.js Show response
www.haleon.com/etc.clientlibs/core/wcm/components/accordion/v1/accordion/clientlibs/ 6 KB
2 KB 53ms
42ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/core/wcm/components/accordion/v1/accordion/clientlibs/site.min.337fa8abe56ed821e49dc6e2baf9ee44.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

564050010ad631effd8d89ead0a2856754292964f3bd5ce28fddb428c8b73366

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=6025
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"1789-60525d6dcd912"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e4663fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.b9ceaf743a34d6ee9e600ad40a7dc18b.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/haleonvideo/ 223 B
247 B 71ms
59ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/haleonvideo/clientlibs.min.b9ceaf743a34d6ee9e600ad40a7dc18b.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2194def6d1b74f802eb81667e6353c92bc6336244205dede786a4274ca53789b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"df-60525d6dcfc3a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e5563fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.157e0b872d651904fa2c90fc711c5de5.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/youtubefeed/ 1 KB
2 KB 53ms
43ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/youtubefeed/clientlibs.min.157e0b872d651904fa2c90fc711c5de5.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

393383df7ab920859bf4fa3ea498379f91c71f5d609a47afb3a807373ae55f15

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=1312
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"520-60525d6dcd52a"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e5663fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.10ba16241f3d21842bf7517421cbede5.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/socialfeed/ 1 KB
2 KB 58ms
48ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/socialfeed/clientlibs.min.10ba16241f3d21842bf7517421cbede5.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1bc221b0c9d4bbf6a567375e1d1af709cc368201e8a058bdfe4b2e3351aa392

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=1344
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:14 GMT
server: cloudflare
etag: W/"540-60525d6b991b2"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e5963fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.5ece5042d81f608e93412b5d9c8a9930.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/eventlist/ 3 KB
1 KB 57ms
46ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/eventlist/clientlibs.min.5ece5042d81f608e93412b5d9c8a9930.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5bced06b64e84e26609cf7116dbbc4bc23d73190254eef308d853cebca421f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=3577
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:14 GMT
server: cloudflare
etag: W/"df9-60525d6b96393"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e5b63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.3934a0a6bc3330576c1715460bc42a72.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/homepagecarousel/ 748 B
415 B 59ms
49ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/homepagecarousel/clientlibs.min.3934a0a6bc3330576c1715460bc42a72.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5d9ef792760e1a8783ac37f63ac54c872b5f6442db688fc10d72c6cedbdb33

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=749
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:15 GMT
server: cloudflare
etag: W/"2ed-60525d6c09370"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e5d63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/ 39 B
191 B 58ms
48ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6510832114ca770ccb972fab504bf2a7921b480c84c187c7bdb7afd5419473fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
content-length: 39
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:15 GMT
server: cloudflare
etag: W/"27-60525d6c0a250"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81bdac2d3e5e63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/banner/ 39 B
257 B 66ms
56ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/banner/clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6510832114ca770ccb972fab504bf2a7921b480c84c187c7bdb7afd5419473fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
content-length: 39
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:15 GMT
server: cloudflare
etag: W/"27-60525d6c03d80"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81bdac2d3e6163fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.274efecdf3dc6ea1b689e4b65773bfbb.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/articlefilterpane/ 7 KB
2 KB 55ms
46ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/articlefilterpane/clientlibs.min.274efecdf3dc6ea1b689e4b65773bfbb.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e58f5581d48f82e2c23dfccc6ec98ae5e938828aad350a95ca2fde4ef21442f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=6838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:15 GMT
server: cloudflare
etag: W/"1ab6-60525d6c569bc"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e6363fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.bb7e9ec038b6480a27f813d69c048482.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/video/damvideo/ 716 B
429 B 57ms
47ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/video/damvideo/clientlibs.min.bb7e9ec038b6480a27f813d69c048482.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16198d1021bf4d7086c0f2b729547bac8841af36a268389e7e62cc91889d72db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=717
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:15 GMT
server: cloudflare
etag: W/"2cd-60525d6c549bc"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e6563fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.a93f7e904673f385596510a3e318c968.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/sitesearch/searchfield/ 2 KB
1 KB 62ms
53ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/sitesearch/searchfield/clientlibs.min.a93f7e904673f385596510a3e318c968.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbe7baf7646acd378f4825ff2a8b2d311266b776b558ae48aad8686d551c4f41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=2306
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:15 GMT
server: cloudflare
etag: W/"902-60525d6c71a96"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e6663fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/homepage/ 39 B
146 B 71ms
62ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/homepage/clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6510832114ca770ccb972fab504bf2a7921b480c84c187c7bdb7afd5419473fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
content-length: 39
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:15 GMT
server: cloudflare
etag: W/"27-60525d6cc4ea3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81bdac2d3e6763fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 vendor-clientlibs.min.ca126e2aba102ba8986000ddc542d101.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/ 175 KB
48 KB 56ms
47ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/vendor-clientlibs.min.ca126e2aba102ba8986000ddc542d101.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16f855a5ab7e4ad8cd67441a819d1e5500a449f998664bc9fd84df93cf1e5ade

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=179831
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:15 GMT
server: cloudflare
etag: W/"2be77-60525d6cc95b1"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e6863fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.f0a50b248ef4c2b78abca86d10ed6b6f.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/tabs/v1/tabs/ 5 KB
2 KB 60ms
51ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/tabs/v1/tabs/clientlibs.min.f0a50b248ef4c2b78abca86d10ed6b6f.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

390fb19701464bb77e4e9e866226c6eb2b336c4b04274dc18e1303d82c326b94

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=4844
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"12ec-60525d6d46112"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e6963fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 container.min.64e934d0a16266574945c8fb92e68316.js Show response
www.haleon.com/etc.clientlibs/core/wcm/components/commons/site/clientlibs/ 751 B
520 B 58ms
49ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/core/wcm/components/commons/site/clientlibs/container.min.64e934d0a16266574945c8fb92e68316.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80542c184a6e4b487b17ec632f90e7b4ba8a9a1e2fbeee0906aefd3f3e8ec03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=752
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"2f0-60525d6d2eace"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e6a63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 site.min.aa46d38d774e0f8b6abfb1d1b236d489.js Show response
www.haleon.com/etc.clientlibs/core/wcm/components/carousel/v1/carousel/clientlibs/ 6 KB
2 KB 74ms
65ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/core/wcm/components/carousel/v1/carousel/clientlibs/site.min.aa46d38d774e0f8b6abfb1d1b236d489.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba044862704f1def24eece53c5aaf10e4d551f8326145609540db39427d036a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=6390
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"18f6-60525d6d2eeb6"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e6c63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 b.min.js Show response
unpkg.com/website-carbon-badges@1.1.3/ 2 KB
1 KB 124ms
43ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/website-carbon-badges@1.1.3/b.min.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93cb4279ebdd41fd5379a1506122b0abfabbbd98ca9be82410ed3d754231dcec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 31472711
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FJYK748XF1B3FGNVW4PC767E
server: cloudflare
etag: W/"792-NRepadguwX6vXqMB5vpqAqsoUJA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 81bdac2daa77413c-LHR

GET
H2 200 gtm.min.5faae227c57de25f4854b29539035da1.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/ 465 B
393 B 59ms
50ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/gtm.min.5faae227c57de25f4854b29539035da1.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55f42d45d026b0ad67c4c1b554c3948de5e1148f83e0fd06e3b939f73ee3ccb6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"1d1-60525d6dc83dd"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e6d63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 frame-manager.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/vendor-clientlibs/resources/ 7 KB
3 KB 69ms
61ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/vendor-clientlibs/resources/frame-manager.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a94a75459450039b14608c58d1e0df9d59ae805b000024cb2085ac5f37e86e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=7512
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:17 GMT
server: cloudflare
etag: W/"1d58-60525d6e13700"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e7063fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.0b32a0da0db4f2220b9e43faf9be79ac.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/ 23 KB
8 KB 73ms
65ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.0b32a0da0db4f2220b9e43faf9be79ac.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb748c805fcf3df15834cc00c3b1a6a92b3f39755ecccd221dd6b57242cfc51d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=30966
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:19 GMT
server: cloudflare
etag: W/"78f6-60525d704bc27"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e7163fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 clientlibs.min.b360c08cfd76d5d067201f90b36dd805.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/container/v1/container/ 3 KB
1 KB 68ms
60ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/container/v1/container/clientlibs.min.b360c08cfd76d5d067201f90b36dd805.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b263f111980d7921ab0f719c39028f849c13ffffefa78044c5d12d2eee2f6561

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=3307
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:17 GMT
server: cloudflare
etag: W/"ceb-60525d6e6a5a4"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e7263fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 site.min.b06ae959f463530b64fc1fb044b0d743.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/image/clientlibs/ 9 KB
5 KB 63ms
55ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/image/clientlibs/site.min.b06ae959f463530b64fc1fb044b0d743.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

078f29b4065f50c14a2caefc646c6eddf0576df19ffd930123cc67899c5667f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=19825
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:17 GMT
server: cloudflare
etag: W/"4d71-60525d6dd2fbd"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e7463fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/ 55 KB
18 KB 74ms
66ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94fbd6fa0d38828afa783ef7e3b7b134776b2bb662e0f9fad65700c3a811c34e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=56345
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:16 GMT
server: cloudflare
etag: W/"dc19-60525d6dce8b2"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e7663fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 jquery.min.e8b3debede90df40df8881108ba067d8.js Show response
www.haleon.com/etc.clientlibs/clientlibs/granite/ 98 KB
35 KB 77ms
70ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery.min.e8b3debede90df40df8881108ba067d8.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8835afd713b55266f2ec5b39466379e7766bc72e3244a8e7b6a50e4a4848624e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=100794
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:17 GMT
server: cloudflare
etag: W/"189ba-60525d6dd4672"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e7863fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 csrf.min.652a558c3774088b61b0530c184710d1.js Show response
www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/ 4 KB
2 KB 62ms
54ms Script
application/javascript 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67ec7fadd41ba4613a2ab2f10c28429c60a54fec1780a1742c29a03f9dfd7b11

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707838
cf-polished: origSize=3618
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 12 Sep 2023 09:12:17 GMT
server: cloudflare
etag: W/"e22-60525d6dd107d"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 81bdac2d3e7963fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ Frame 7610 87 KB
30 KB 106ms
34ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://irs.tools.investis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3032499
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-man4143-MAN
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1698270599.422407,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 47, 301430

GET
H/1.1 200
OK WebResource.axd Show response
irs.tools.investis.com/Clients/ Frame 7610 23 KB
5 KB 59ms
58ms Script
application/x-javascript 2.17.100.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/WebResource.axd?d=l5N7JybNhTLypzkQMlX1RrPYYa8-IfbiBWYX_dYWV_-vM6XOdd77mh2SHc-7kSraa555GZ-6dGUDwvcK0oYqjlubHjc1&t=638246337643328042

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Date: Wed, 25 Oct 2023 21:49:59 GMT
Last-Modified: Tue, 11 Jul 2023 00:56:04 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=20199
Connection: keep-alive
Content-Length: 4627
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Oct 2023 03:26:38 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
irs.tools.investis.com/Clients/ Frame 7610 100 KB
25 KB 110ms
61ms Script
application/x-javascript 2.17.100.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/ScriptResource.axd?d=phUDbPSTuDJhZPpKVPyUofwev3inlBV9AJTGAba8tTaFl-AqjaLWYLe8UT2gWqRF1g5xQV9wptY0aHDMZxEhioiUdRdSeQ4BqoFAOqq3HCKdP5AcHwRvJTrJWvm7kSUqsW7v5yf5yTprzV72r_i01wI0rF01&t=fffffffff4ed9dba

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Date: Wed, 25 Oct 2023 21:49:59 GMT
Last-Modified: Wed, 25 Oct 2023 03:53:09 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=80143
Connection: keep-alive
Content-Length: 25609
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Oct 2023 20:05:42 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
irs.tools.investis.com/Clients/ Frame 7610 39 KB
10 KB 117ms
58ms Script
application/x-javascript 2.17.100.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/ScriptResource.axd?d=FwYZ1XsKukon8O-wmMqiEW1BO-M_bBNvwFeKg9zmPSUio3tINVA5oz2-K4n8Yv6FsCAhGyNDdOuwu5M71wNzdfr5Uk8k9RFjsv6kd3t3-6R_F-6RCD-Hjl4oB6KAFlSW8NlAberr3rkLS_TwVZNhhPoRppWtzRDH6R5LvOmhuAIB_85w0&t=fffffffff4ed9dba

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Date: Wed, 25 Oct 2023 21:49:59 GMT
Last-Modified: Tue, 24 Oct 2023 21:49:06 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=68266
Connection: keep-alive
Content-Length: 9984
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Oct 2023 16:47:45 GMT

GET
H/1.1 200
OK iframeResizer_child_v2.js Show response
irs.tools.investis.com/Clients/default/scripts/ Frame 7610 6 KB
3 KB 141ms
52ms Script
application/javascript 2.17.100.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/default/scripts/iframeResizer_child_v2.js

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

01e31c5389626c8b4442dea473d9dc21c7b281ea552f75313f640789bf23299c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Date: Wed, 25 Oct 2023 21:49:59 GMT
Last-Modified: Thu, 18 Sep 2014 06:04:43 GMT
ETag: "808fa2706d3cf1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2859
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ Frame 168F 87 KB
30 KB 67ms
65ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://irs.tools.investis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3032499
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-man4143-MAN
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1698270599.436701,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 47, 301431

GET
H/1.1 200
OK WebResource.axd Show response
irs.tools.investis.com/Clients/ Frame 168F 23 KB
5 KB 55ms
51ms Script
application/x-javascript 2.17.100.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/WebResource.axd?d=l5N7JybNhTLypzkQMlX1RrPYYa8-IfbiBWYX_dYWV_-vM6XOdd77mh2SHc-7kSraa555GZ-6dGUDwvcK0oYqjlubHjc1&t=637823365705833095

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Date: Wed, 25 Oct 2023 21:49:59 GMT
Last-Modified: Tue, 11 Jul 2023 00:56:04 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=83107
Connection: keep-alive
Content-Length: 4627
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Oct 2023 20:55:06 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
irs.tools.investis.com/Clients/ Frame 168F 100 KB
25 KB 57ms
52ms Script
application/x-javascript 2.17.100.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Date: Wed, 25 Oct 2023 21:49:59 GMT
Last-Modified: Tue, 24 Oct 2023 20:31:59 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=76458
Connection: keep-alive
Content-Length: 25609
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Oct 2023 19:04:17 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
irs.tools.investis.com/Clients/ Frame 168F 39 KB
10 KB 89ms
57ms Script
application/x-javascript 2.17.100.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Date: Wed, 25 Oct 2023 21:49:59 GMT
Last-Modified: Wed, 25 Oct 2023 16:53:44 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=78025
Connection: keep-alive
Content-Length: 9984
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Oct 2023 19:30:24 GMT

GET
H/1.1 200
OK iframeResizer_child_v2.js Show response
irs.tools.investis.com/Clients/default/scripts/ Frame 168F 6 KB
3 KB 84ms
52ms Script
application/javascript 2.17.100.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/default/scripts/iframeResizer_child_v2.js

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

01e31c5389626c8b4442dea473d9dc21c7b281ea552f75313f640789bf23299c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Date: Wed, 25 Oct 2023 21:49:59 GMT
Last-Modified: Thu, 18 Sep 2014 06:04:43 GMT
ETag: "808fa2706d3cf1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2859
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK NewHeroAccess-Medium.woff
irs.tools.investis.com/clients/uk/haleon_plc1/fonts/ Frame 7610 91 KB
91 KB 57ms
56ms Font
font/x-woff 2.17.100.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/clients/uk/haleon_plc1/fonts/NewHeroAccess-Medium.woff

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

1e8fd8ddefcdceef8da0eaa61581e0f2a27792b3549adcb6cf8a8db59d3cc952

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
Origin: https://irs.tools.investis.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Date: Wed, 25 Oct 2023 21:49:59 GMT
Last-Modified: Thu, 09 Mar 2023 09:27:19 GMT
ETag: "f87e54586952d91:0"
Content-Type: font/x-woff
Cache-Control: max-age=15
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 92752
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK NewHeroAccess-Regular.woff
irs.tools.investis.com/clients/uk/haleon_plc1/fonts/ Frame 7610 89 KB
90 KB 75ms
75ms Font
font/x-woff 2.17.100.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/clients/uk/haleon_plc1/fonts/NewHeroAccess-Regular.woff

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

f648b3d8294708a4d777f4596f336f639190b1ed7e5656a81d2f2bd9fc93f218

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
Origin: https://irs.tools.investis.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Date: Wed, 25 Oct 2023 21:49:59 GMT
Last-Modified: Thu, 09 Mar 2023 09:27:20 GMT
ETag: "6033fa586952d91:0"
Content-Type: font/x-woff
Cache-Control: max-age=15
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91576
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK up_new.png
irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/Images/ Frame 7610 504 B
847 B 75ms
63ms Image
image/png 2.17.100.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/Images/up_new.png

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

df2f5ecb6da664ac6b8160778bee5df75f5b55b2532badf2e1ccf3a216cbf8c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Date: Wed, 25 Oct 2023 21:49:59 GMT
Last-Modified: Thu, 09 Mar 2023 09:27:24 GMT
ETag: "edb67e5b6952d91:0"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK NewHeroAccess-Medium.woff
irs.tools.investis.com/clients/uk/haleon_plc1/fonts/ Frame 168F 91 KB
91 KB 61ms
60ms Font
font/x-woff 2.17.100.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/clients/uk/haleon_plc1/fonts/NewHeroAccess-Medium.woff

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

1e8fd8ddefcdceef8da0eaa61581e0f2a27792b3549adcb6cf8a8db59d3cc952

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
Origin: https://irs.tools.investis.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Date: Wed, 25 Oct 2023 21:49:59 GMT
Last-Modified: Thu, 09 Mar 2023 09:27:19 GMT
ETag: "f87e54586952d91:0"
Content-Type: font/x-woff
Cache-Control: max-age=15
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 92752
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK NewHeroAccess-Regular.woff
irs.tools.investis.com/clients/uk/haleon_plc1/fonts/ Frame 168F 89 KB
90 KB 62ms
62ms Font
font/x-woff 2.17.100.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/clients/uk/haleon_plc1/fonts/NewHeroAccess-Regular.woff

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

f648b3d8294708a4d777f4596f336f639190b1ed7e5656a81d2f2bd9fc93f218

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
Origin: https://irs.tools.investis.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Date: Wed, 25 Oct 2023 21:49:59 GMT
Last-Modified: Thu, 09 Mar 2023 09:27:20 GMT
ETag: "6033fa586952d91:0"
Content-Type: font/x-woff
Cache-Control: max-age=15
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91576
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK down_new.png
irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/Images/ Frame 168F 1 KB
2 KB 52ms
52ms Image
image/png 2.17.100.194
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/Images/down_new.png

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.194 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-194.deploy.static.akamaitechnologies.com

Software

Resource Hash

e999f2fecc27404272c7e1ec2b22f5c31efa2c0dab92745b648922a45a67673a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Date: Wed, 25 Oct 2023 21:49:59 GMT
Last-Modified: Thu, 09 Mar 2023 09:27:23 GMT
ETag: "c969e5b6952d91:0"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1261
X-XSS-Protection: 1; mode=block

GET
H2 200 token.json Show response
www.haleon.com/libs/granite/csrf/ 2 B
194 B 106ms
106ms XHR
application/json 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/libs/granite/csrf/token.json

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-length: 2
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json;charset=iso-8859-1
cache-control: no-cache
cf-ray: 81bdac300ae563fa-LHR
expires: -1

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 181ms
51ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ecb36b720daac7b62ebfa04530cecc177f6ab5e3cb6059dd1bb8c57a92025f79

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 Oct 2023 21:49:59 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 2214
x-amz-cf-pop: FRA60-P3
age: 122
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1698268385
x-77-nzt: AcO1rw43Nzf/pggAAA
x-accel-expires: @1698271985
x-77-age: 2214
x-cache-lb: HIT
last-modified: Fri, 20 Oct 2023 18:02:07 GMT
server: CDN77-Turbo
etag: W/"629e1b6941643c5823ed156e819ac04a"
x-77-nzt-ray: 90833930e627c02f878d39653ee23b31
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: B5h15trkqgvJGV8fYPcvtHt295Lw_6k3s7IrH9j7bXVsKxnqAEOC1w==

GET
H2 200 sharefeed-lse.model.json Show response
www.haleon.com/content/experience-fragments/haleon/corporate/header/master/jcr:content/root/container_986302361/container_1170101225/container/ 149 B
215 B 96ms
96ms Fetch
application/json 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/experience-fragments/haleon/corporate/header/master/jcr:content/root/container_986302361/container_1170101225/container/sharefeed-lse.model.json

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44d18e0cabd7c3a009b6fa64e657cafe48ed56e0167bbcb25c9416282ccd9f19

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-length: 149
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json;charset=utf-8
cache-control: must-revalidate,no-cache,no-store,no-transform,private,max-age=0
cf-ray: 81bdac301b1063fa-LHR
expires: Thu, 01 Jan 1970 01:00:00 GMT

GET
H2 200 sharefeed-nyse.model.json Show response
www.haleon.com/content/experience-fragments/haleon/corporate/header/master/jcr:content/root/container_986302361/container_1170101225/container/ 147 B
392 B 93ms
93ms Fetch
application/json 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/experience-fragments/haleon/corporate/header/master/jcr:content/root/container_986302361/container_1170101225/container/sharefeed-nyse.model.json

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7cfab815267e7e9e90a4978e5a42476ce28a48983f3a6b8e96eb3e9db2a13c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-length: 147
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json;charset=utf-8
cache-control: must-revalidate,no-cache,no-store,no-transform,private,max-age=0
cf-ray: 81bdac301b1163fa-LHR
expires: Thu, 01 Jan 1970 01:00:00 GMT

GET
H2 200 vector-grid.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 2 KB
2 KB 58ms
57ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/vector-grid.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7010ae5b97d40c090a0874cc907be6f4527bc91f073b186c85d567069a6b9a38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707837
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:18 GMT
server: cloudflare
etag: W/"86a-60525d6f97564"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac302b1e63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 chevron-right-black.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 243 B
326 B 52ms
51ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/chevron-right-black.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5f819a3646ded3c72b22ed7e5786d106862362a080da10f2396c0a3fe96ef98

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.f38f64a04cab10d390e0b819e323acfc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707837
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:11 GMT
server: cloudflare
etag: W/"f3-60525d689bf56"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac302b2063fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 299 KB
102 KB 172ms
73ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RBMJKH

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3902c23c76dab88eb9b4a0de8fd02a8e0329047b3c1051daa8510ca7eb69a85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103526
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 21:21:35 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 Oct 2023 21:49:59 GMT

GET
H2 200 b Show response
api.websitecarbon.com/ 62 B
599 B 273ms
185ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.websitecarbon.com/b?url=https%3A%2F%2Fwww.haleon.com%2F
Requested by: Host: unpkg.com
URL: https://unpkg.com/website-carbon-badges@1.1.3/b.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 930077788dc3f94f1b3d42331fdd33c95c1f06d9ec35deeb9d877b78c9d464ca

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ul2JcT3qsAi1LK1e8SK4sxeNop0sst%2Fbqj%2BzsOiKN18vtb%2BHkHlDX4FKIxhLmJ84UBYVkYJvGF1f4vJr8ZajEy2r5gExD83mpmlibb4lh6LyJoGT2vQ%2Bcif8FpkxFU1bGpV%2FJcT9p4kKP%2BEVtsvA%2BMW10ns%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json;charset=UTF-8
x-robots-tag: noindex
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400
cf-ray: 81bdac30be31dd0f-LHR

GET
H2 200 articlefilterpane.model.json Show response
www.haleon.com/content/haleon/corporate/en/index/jcr:content/root/responsivegrid/container/ 3 KB
1 KB 65ms
65ms Fetch
application/json 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/haleon/corporate/en/index/jcr:content/root/responsivegrid/container/articlefilterpane.model.json?start=0&selectedYear=0

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

275e1ae0767bce8d941ae68d0bb52b5e2db1545703609aa3af636203f7260375

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 25 Oct 2023 21:49:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: application/json;charset=utf-8
cache-control: public, max-age=30
cf-ray: 81bdac305b5463fa-LHR
expires: Wed, 25 Oct 2023 21:50:29 GMT

GET
H2 200 atc.min.js Show response
cdn.addevent.com/libs/atc/1.6.1/ 32 KB
8 KB 166ms
47ms Script
application/javascript 18.238.243.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.addevent.com/libs/atc/1.6.1/atc.min.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.243.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-243-125.ams58.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7ac3e0475f250086b64cd8e92b65fe18dcfb680f15bbfa97dc828d7bc91dd917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:15:15 GMT
content-encoding: br
via: 1.1 650363fa7465273dd14fde086a851a86.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: AMS58-P1
age: 3746085
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 16 Nov 2022 22:51:47 GMT
server: AmazonS3
etag: W/"3069b5060dd3d9d781761cbea140fc15"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=8380800, public, must-revalidate
x-amz-cf-id: Pa3uyT3kcQyti6V5smreFfZQpW-Yuqvf0ZdoJv8peEcOYOCoqa2pyA==

GET
H2 200 _jcr_content.socialfeed.data Show response
www.haleon.com/content/haleon/corporate/en/index/ 3 KB
2 KB 82ms
82ms Fetch
application/json 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/haleon/corporate/en/index/_jcr_content.socialfeed.data

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa76f179fbd749c530e2b888ff7710ad26e4ac980bff52c9d5aebf5907dc4345

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: gzip
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: application/json;charset=utf-8
cache-control: must-revalidate,no-cache,no-store,no-transform,private,max-age=0
cf-ray: 81bdac305b5663fa-LHR
expires: Thu, 01 Jan 1970 01:00:00 GMT

GET
H2 200 _jcr_content.youtubefeed.data Show response
www.haleon.com/content/haleon/corporate/en/index/ 2 KB
2 KB 102ms
102ms Fetch
application/json 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/haleon/corporate/en/index/_jcr_content.youtubefeed.data

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f4194b0f81cbe99bf736f8d4ebf9f7ec35e4a4aab11b3eb53c76f743a084f4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: gzip
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: application/json;charset=utf-8
cache-control: must-revalidate,no-cache,no-store,no-transform,private,max-age=0
cf-ray: 81bdac305b5763fa-LHR
expires: Thu, 01 Jan 1970 01:00:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 204 rum Show response
www.haleon.com/cdn-cgi/ 0
147 B 35ms
34ms XHR
text/plain 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/cdn-cgi/rum?

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

CSRF-Token: undefined
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: application/json

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.haleon.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 81bdac30abcb63fa-LHR

GET
H2 200 5%20Haleon%20and%20Microsoft%20Seeing%20AI%2010.jpg
www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/ 105 KB
106 KB 42ms
42ms Image
image/jpeg 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/5%20Haleon%20and%20Microsoft%20Seeing%20AI%2010.jpg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

382df676d5087471e0aac0d73f8264b36074d17a3897f62f88bb62ca520e4f84

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707837
cf-polished: origSize=107862
content-length: 107854
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Sep 2023 09:12:12 GMT
server: cloudflare
etag: W/"1a556-60525d699fc6c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81bdac30cbf063fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 otrivin-haleon.png
www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/ 2 MB
2 MB 44ms
43ms Image
image/png 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/otrivin-haleon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d73b9bc99c23b17226279052b18b354b6157cbfb4fd906b5a6347da0a6856d20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 188715
cf-polished: status=input_too_large
content-length: 2022708
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Mon, 23 Oct 2023 14:26:19 GMT
server: cloudflare
etag: W/"1edd34-6086301775192"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81bdac30dbfb63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 4%20Haleon%20joins%20zero100.jpg
www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/ 192 KB
192 KB 50ms
49ms Image
image/jpeg 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/4%20Haleon%20joins%20zero100.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cf969a8efc38b1113da52708b3b75f8ba99013291b43cf1d6c39f4d01f8dcdc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707837
cf-polished: origSize=196350
content-length: 196342
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Sep 2023 09:12:13 GMT
server: cloudflare
etag: W/"2fefe-60525d6a15b29"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81bdac30dbfe63fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 6%20Longer%20healthier%20lives%20more%20likely%20in%20countries.jpg
www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/ 183 KB
184 KB 48ms
48ms Image
image/jpeg 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/6%20Longer%20healthier%20lives%20more%20likely%20in%20countries.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d77f856767d92434228b3cec1b6b04e2b75e99c7dc4833aad677c4cf6c3ea2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:49:59 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1707837
cf-polished: origSize=187664
content-length: 187656
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Sep 2023 09:12:12 GMT
server: cloudflare
etag: W/"2dd10-60525d699e04c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 81bdac30dc0063fa-LHR
expires: Thu, 26 Oct 2023 21:49:59 GMT

GET
H2 200 widget_app_base_1697824777924.js Show response
cdn.userway.org/widgetapp/2023-10-20-17-59-37/ 135 KB
40 KB 183ms
90ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/widget_app_base_1697824777924.js
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 128442e896c8da3bc48faef5f843b7a4831a04713b10d7f96b8255ecc8753c39

Request headers

Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 Oct 2023 21:50:00 GMT
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 445503
x-amz-cf-pop: FRA60-P3
age: 95
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1697825097
x-77-nzt: AcO1rw43Nzf/P8wGAA
x-accel-expires: @1723745097
x-77-age: 445503
x-cache-lb: HIT
last-modified: Fri, 20 Oct 2023 18:02:01 GMT
server: CDN77-Turbo
etag: W/"d634011d8790ee54b45f0468968ebba0"
x-77-nzt-ray: 90833930680ec034888d39652b489a02
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: f_9vAKp0DOvc0mHHcLxSm-6qwrQeeS-Pq1_JqH7jK3i7T1q1keNh3A==

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 156ms
57ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter&family=Open+Sans:ital,wght@0,400;0,600;1,400&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09f4097ec5082afc99f4b1be251c329068273256a16f12060a3eb56c0cfc936c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 25 Oct 2023 21:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 20:48:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Oct 2023 21:50:00 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 110ms
42ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RBMJKH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 25 Oct 2023 21:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: HAfQnQ1aKA6QX2rlLtw0Ew==
age: 7228
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6821
x-ms-lease-status: unlocked
last-modified: Wed, 25 Oct 2023 05:49:49 GMT
server: cloudflare
etag: 0x8DBD51E339170A3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f0bf9267-e01e-008e-0b7c-07ef35000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81bdac32783e48b1-LHR

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 164ms
67ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71eda1dba82909d574153cd9f4e2759d44d342b983aa96295f9dff5cc1e64d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:50:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-9GDh3MyQyvJ7IfV2xyvBNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 25 Oct 2023 21:50:00 GMT

GET
H2 200 86714296-61df-485c-b4cf-db59eb2bc854.json Show response
cdn.cookielaw.org/consent/86714296-61df-485c-b4cf-db59eb2bc854/ 6 KB
3 KB 122ms
56ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/86714296-61df-485c-b4cf-db59eb2bc854/86714296-61df-485c-b4cf-db59eb2bc854.json

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40299b9992e3fa25c4c4ac5ea9937464f1902d8215ace04bbcbd637add585a67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 25 Oct 2023 21:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 29491
content-md5: +FzXVD5BFJYyh32hGBi+ew==
content-length: 2112
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 20:00:03 GMT
server: cloudflare
etag: 0x8DB5C9176D7283C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c169aba4-601e-006f-467a-8e7032000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81bdac3358e7777f-LHR
expires: Thu, 26 Oct 2023 21:50:00 GMT

POST
H2 200 XJzryPgNCX Show response
api.userway.org/api/tunings/ 3 KB
3 KB 571ms
176ms XHR
application/json 2600:1f14:5db:eb00:9c56:7ebd:15bd:cb0a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/XJzryPgNCX
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:9c56:7ebd:15bd:cb0a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 481c4d894ae0037208e04d9dda439649b4aaa626b77495bbef63f7eb97d25c4e

Request headers

Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 25 Oct 2023 21:50:00 GMT
etag: W/"a14-uqVtlTheUmBXQde+ZhuKw+0M5bU"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usrf81eabdc1e38485
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 2580
x-service-version: uw-pr

GET
H2 200 haleon-logo-white.svg
www.haleon.com/content/experience-fragments/haleon/corporate/header/master/_jcr_content/root/container/container_481579621/image.coreimg.svg/1678803006119/ 1 KB
2 KB 44ms
44ms Image
image/svg+xml 2606:4700::6812:1356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/experience-fragments/haleon/corporate/header/master/_jcr_content/root/container/container_481579621/image.coreimg.svg/1678803006119/haleon-logo-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c8608382a2bf23d63e27c641b359c1852ccc3a10e9bc77b670dc1f61682f68e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:50:00 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1707838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 12 Sep 2023 09:12:08 GMT
server: cloudflare
etag: W/"573-60525d65d1d65"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 81bdac331ef263fa-LHR
expires: Thu, 26 Oct 2023 21:50:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/96163992/www-widgetapi.vflset/ 213 KB
66 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/96163992/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0905f8d2dbf6c1d887bef1a7ab12eb7a561773304079cd230ecb527bb2a74e73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:32:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67324
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 01:51:05 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 24 Oct 2024 18:32:10 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 69 B
314 B 115ms
47ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26e34b9fbbd2ecafe25af980f19ddc63342ffad01477b0fe851ac8c35bfea847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:50:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 81bdac34190d6557-LHR
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/ 403 KB
97 KB 42ms
42ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 25 Oct 2023 21:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fuN6EZWNAh2xn3yE+0HSRQ==
age: 22910
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99428
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:48 GMT
server: cloudflare
etag: 0x8DB81B7897E828A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 144c20d3-601e-002b-3b0c-b4ac5e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81bdac3469d048b1-LHR

GET
H2 200 en-gb.json Show response
cdn.cookielaw.org/consent/86714296-61df-485c-b4cf-db59eb2bc854/7ab505f0-9cff-4b3d-b8e5-4df36f9a3337/ 34 KB
10 KB 58ms
58ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/86714296-61df-485c-b4cf-db59eb2bc854/7ab505f0-9cff-4b3d-b8e5-4df36f9a3337/en-gb.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f3195690cc70746dc549a04b37c1b46345ada82aeab9d216c1b29c1393712e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 25 Oct 2023 21:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 61114
content-md5: j5m68hxq4O62u6LcqAVizg==
content-length: 9978
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 20:00:08 GMT
server: cloudflare
etag: 0x8DB5C9179B3A318
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8fb8660e-501e-007f-148c-f0f618000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81bdac34fb23777f-LHR
expires: Thu, 26 Oct 2023 21:50:00 GMT

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 9 KB
3 KB 43ms
43ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4e0b51db940e096731fbe30fb3b9367be7f56e67005d654ad088512e1811ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 25 Oct 2023 21:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Pti/u+fQP9FCIyxYOp1+Iw==
age: 29491
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2640
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:42 GMT
server: cloudflare
etag: 0x8DB81B785C7CC13
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 7a9dfeee-301e-005e-7fce-b32be5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81bdac356bb2777f-LHR

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/v2/ 63 KB
13 KB 42ms
41ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00b7928237d68d4ee4ee4d9c48e47ca0295e1d93ad19da367f813595efc7c539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 25 Oct 2023 21:50:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ur92uSUH27h9n7U5aSbsSw==
age: 29491
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12707
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:44 GMT
server: cloudflare
etag: 0x8DB81B786B95D38
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 88e57330-401e-0096-7b5a-b4bad2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81bdac356bb4777f-LHR

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 21 KB
4 KB 42ms
42ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 25 Oct 2023 21:50:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
age: 32820
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 9b22b501-c01e-0087-0d65-b48dc9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 81bdac357bb5777f-LHR

GET
H2 200 haleon-logo-colour-pos.svg
a-cf65.ch-static.com/content/dam/cf/haleon/logo/ 1 KB
1 KB 312ms
54ms Image
image/svg+xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a-cf65.ch-static.com/content/dam/cf/haleon/logo/haleon-logo-colour-pos.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48F4) /

Resource Hash

7df0b944e7eb282c5158eef9febbad2d215662e2539bc4c41ee2efe59f7c3692

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:50:00 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
last-modified: Wed, 15 Mar 2023 08:10:44 GMT
server: ECAcc (ama/48F4)
age: 12644
etag: "5da-5f6ebe1776900-gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=86400
x-frame-options: SAMEORIGIN
accept-ranges: bytes
content-length: 804

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
492 B 44ms
44ms Fetch
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 25 Oct 2023 21:50:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 291
x-ms-lease-status: unlocked
last-modified: Wed, 25 Oct 2023 05:49:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 5c8c3123-601e-0006-2559-070a3c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 81bdac35dc1f777f-LHR

GET
H2 200 H_MasterLogo_Colour_POS_RGB.png
cdn.cookielaw.org/logos/9ff761e6-6f16-4e20-800d-92706b153697/a491b493-d0bc-4083-acf4-66d6d41b21d9/106ce14a-0504-4c7a-b522-a737945b0f6e/ 42 KB
42 KB 43ms
43ms Image
image/png 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/9ff761e6-6f16-4e20-800d-92706b153697/a491b493-d0bc-4083-acf4-66d6d41b21d9/106ce14a-0504-4c7a-b522-a737945b0f6e/H_MasterLogo_Colour_POS_RGB.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8be25d59bdcd4bd764cf192496bfebcd529b56767994aca8093717dc4b79e306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 25 Oct 2023 21:50:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: nNAGf+eQ9T8Sg4dRXg/voQ==
age: 57570
content-length: 42768
x-ms-lease-status: unlocked
last-modified: Wed, 18 May 2022 16:32:05 GMT
server: cloudflare
etag: 0x8DA38EBF1BB494C
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: aee89644-b01e-00c7-738c-c2a427000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 81bdac35eb0948b1-LHR

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 42ms
42ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 25 Oct 2023 21:50:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 13424
x-ms-lease-status: unlocked
last-modified: Wed, 25 Oct 2023 05:49:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 63142e67-301e-0024-2f6d-07cf23000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 81bdac35eb0a48b1-LHR

GET
H2 200 en-GB.json Show response
cdn.userway.org/widgetapp/2023-10-20-17-59-37/locales/ 500 B
945 B 46ms
46ms XHR
application/json 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/locales/en-GB.json
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 Oct 2023 21:50:00 GMT
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 445433
x-amz-cf-pop: FRA60-P3
age: 45
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1697825167
x-77-nzt: AcO1rw43Nzf/+csGAA
x-accel-expires: @1723745167
x-77-age: 445433
x-cache-lb: HIT
last-modified: Fri, 20 Oct 2023 18:02:00 GMT
server: CDN77-Turbo
etag: W/"6c501e56c0883817da65e6df9f4417ee"
x-77-nzt-ray: 90833930680ec034888d3965b9e2472c
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: 7UJrEZFD_iuUWSPD1LXJMNeaxkkLa_z4odXoHJy44S0UzO5Aly8ZXg==

GET
H2 200 remediation_1697824777924.js Show response
cdn.userway.org/widgetapp/2023-10-20-17-59-37/remediation/ 144 KB
39 KB 59ms
58ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/remediation/remediation_1697824777924.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/widget_app_base_1697824777924.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 28f3d8e0893bc3b99f62b55e9d6e6584a10fbaed5e6ded58371240b1a0045e9f

Request headers

Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 Oct 2023 21:50:01 GMT
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 445478
x-amz-cf-pop: FRA60-P3
age: 112
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1697825123
x-77-nzt: AcO1rw43Nzf/JswGAA
x-accel-expires: @1723745123
x-77-age: 445478
x-cache-lb: HIT
last-modified: Fri, 20 Oct 2023 18:02:00 GMT
server: CDN77-Turbo
etag: W/"e9f1c39de672c61d103978834877b5df"
x-77-nzt-ray: 90833930680ec034898d3965cf5aaf0e
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: wJTkMMMZKpUkHbaQqdfx3OrqYtIJSFq_6eSo937YaSs5yIO94IWU7Q==

GET
H2 200 GsyK98SeDjsYDmfl.json Show response
cdn.userway.org/remediations/consolidated/1976382/ 230 KB
26 KB 86ms
86ms XHR
application/json 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/1976382/GsyK98SeDjsYDmfl.json
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 269d027487fb78aa297c9b5c57a7d12cf286c65b0301df577d652d649ec090f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 Oct 2023 21:50:01 GMT
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 1610
x-amz-cf-pop: DUS51-P2
age: 108
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1698268991
x-77-nzt: AsO1rw43Nzf/SgYAANRmOAk3Nzf//REAAA
x-accel-expires: @1729800386
x-77-age: 6215
x-cache-lb: HIT
last-modified: Wed, 25 Oct 2023 20:04:16 GMT
server: CDN77-Turbo
etag: W/"ff992c2bd7cd7eb1bf99da3cef53e99f"
x-77-nzt-ray: 90833930680ec034898d3965fb96e90e
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: F8IIzQ3UWyGVVXVdFCcApE8iYgqP9__IXj2H158jpqknzx6aBN96vA==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
1 KB 154ms
153ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 Oct 2023 21:50:01 GMT
via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 11451658
x-amz-cf-pop: FRA60-P3
age: 388
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1686818943
x-77-nzt: AcO1rw43Nzf/Cr2uAA
x-accel-expires: @1712738943
x-77-age: 11451658
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray: 90833930e627c02f898d3965f2176d17
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: Cvg8rC0Zfq3MhycPcr4pi1hPDxVe2yJVWzglYVIpG5_uq4YIhu6w5w==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 155ms
154ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 Oct 2023 21:50:01 GMT
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 11451658
x-amz-cf-pop: FRA60-P3
age: 388
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1686818943
x-77-nzt: AcO1rw43Nzf/Cr2uAA
x-accel-expires: @1712738943
x-77-age: 11451658
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 90833930e627c02f898d39656f157217
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: NSZ4J0zJTOA1nCmC50K5IBx0519YpfZJgVOaBQ7wkt9LucHYSAaoEw==

GET
H2 200 remediation-tool.js Show response
cdn.userway.org/remediation/paid/ 37 KB
14 KB 54ms
53ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1697824777924
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/widget_app_base_1697824777924.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 320db48546dbc7076280c7efebe750070cff9fa8d6f23ead46ca3238d9939118

Request headers

Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 Oct 2023 21:50:01 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 445478
x-amz-cf-pop: FRA60-P3
age: 111
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1697825123
x-77-nzt: AcO1rw43Nzf/JswGAA
x-accel-expires: @1723745123
x-77-age: 445478
x-cache-lb: HIT
last-modified: Fri, 20 Oct 2023 18:02:06 GMT
server: CDN77-Turbo
etag: W/"e2ebe17f6fbe02cac8314a7035b37b11"
x-77-nzt-ray: 90833930680ec034898d3965e1377213
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: CyzeXaXiswCiS1oQseWKjivlRID1cdCjAqKHrXgxgj0PsmFQaWx3qQ==

GET
H2 200 GsyK98SeDjsYDmfl.json Show response
cdn.userway.org/remediations/consolidated/1976382/ 230 KB
26 KB 51ms
50ms Fetch
application/json 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/1976382/GsyK98SeDjsYDmfl.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1697824777924
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 269d027487fb78aa297c9b5c57a7d12cf286c65b0301df577d652d649ec090f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 Oct 2023 21:50:01 GMT
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 1610
x-amz-cf-pop: DUS51-P2
age: 108
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1698268991
x-77-nzt: AsO1rw43Nzf/SgYAANRmOAk3Nzf//REAAA
x-accel-expires: @1729800386
x-77-age: 6215
x-cache-lb: HIT
last-modified: Wed, 25 Oct 2023 20:04:16 GMT
server: CDN77-Turbo
etag: W/"ff992c2bd7cd7eb1bf99da3cef53e99f"
x-77-nzt-ray: 90833930680ec034898d3965066bfa16
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: F8IIzQ3UWyGVVXVdFCcApE8iYgqP9__IXj2H158jpqknzx6aBN96vA==

OPTIONS
H2 200 alts.json
cdn.userway.org/api/img-dscr/v2/XJzryPgNCX/1976382/uIdjOFXzQlIXn1k9/ Frame 0
0 366ms
366ms Preflight 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/api/img-dscr/v2/XJzryPgNCX/1976382/uIdjOFXzQlIXn1k9/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fcdn.cookielaw.org%2Flogos%2Fstatic%2Fpowered_by_logo.svg%22%2C%22alt%22%3A%22Powered%20by%20Onetrust%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-1.cdninstagram.com%2Fv%2Ft51.29350-15%2F386588211_830690645502897_2718833994838787814_n.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-1.cdninstagram.com%2Fv%2Ft51.29350-15%2F394823772_227933920300279_1512104454878226347_n.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-1.cdninstagram.com%2Fv%2Ft51.36329-15%2F386593704_613482757622220_7964330944253515092_n.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.29350-15%2F387698523_647823747424797_902672444650718957_n.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.29350-15%2F391180562_725503232746980_8353764785297446904_n.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.36329-15%2F393065490_1349527432656739_2404488546697939054_n.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Finvestors%2FAR-hero2.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Fnews%2Fpress-releases%2F4%2520Haleon%2520joins%2520zero100.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Fnews%2Fpress-releases%2F5%2520Haleon%2520and%2520Microsoft%2520Seeing%2520AI%252010.jpg%22%2C%22alt%22%3A%22Seeing%20AI%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Fnews%2Fpress-releases%2F6%2520Longer%2520healthier%2520lives%2520more%2520likely%2520in%2520countries.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Fnews%2Fpress-releases%2Fotrivin-haleon.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Four-impact%2FHaleon-4466.jpg%22%2C%22alt%22%3A%22Health%20inclusivity%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Four-impact%2FSite%2520based%2520solar%2520energy%2520-%2520DJI_0006.JPG%22%2C%22alt%22%3A%22Zero100%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fexperience-fragments%2Fhaleon%2Fcorporate%2Fheader%2Fmaster%2F_jcr_content%2Froot%2Fcontainer%2Fcontainer_481579621%2Fimage.coreimg.svg%2F1678803006119%2Fhaleon-logo-white.svg%22%2C%22alt%22%3A%22Logo%20of%20Haleon%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.haleon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
age: 6296
cache-control: max-age=604800
date: Wed, 25 Oct 2023 21:50:02 GMT
server: CDN77-Turbo
via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
x-77-cache: MISS
x-77-nzt: AsO1rw43NzcA1GY4nDc3NwA
x-77-nzt-ray: 90833930680ec034898d3965f7f43339
x-77-pop: frankfurtDE
x-amz-cf-id: c8koz1XAFF8JOjmELpWDSOHqGkXQ4pnYjcGmnrIB19pa_t1B8g_-JQ==
x-amz-cf-pop: DUS51-P2
x-service-version: img-dscr-srv-f045ad32

GET
H2 200 alts.json Show response
cdn.userway.org/api/img-dscr/v2/XJzryPgNCX/1976382/uIdjOFXzQlIXn1k9/ 3 KB
1 KB 135ms
134ms Fetch
application/json 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/api/img-dscr/v2/XJzryPgNCX/1976382/uIdjOFXzQlIXn1k9/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fcdn.cookielaw.org%2Flogos%2Fstatic%2Fpowered_by_logo.svg%22%2C%22alt%22%3A%22Powered%20by%20Onetrust%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-1.cdninstagram.com%2Fv%2Ft51.29350-15%2F386588211_830690645502897_2718833994838787814_n.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-1.cdninstagram.com%2Fv%2Ft51.29350-15%2F394823772_227933920300279_1512104454878226347_n.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-1.cdninstagram.com%2Fv%2Ft51.36329-15%2F386593704_613482757622220_7964330944253515092_n.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.29350-15%2F387698523_647823747424797_902672444650718957_n.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.29350-15%2F391180562_725503232746980_8353764785297446904_n.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.36329-15%2F393065490_1349527432656739_2404488546697939054_n.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Finvestors%2FAR-hero2.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Fnews%2Fpress-releases%2F4%2520Haleon%2520joins%2520zero100.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Fnews%2Fpress-releases%2F5%2520Haleon%2520and%2520Microsoft%2520Seeing%2520AI%252010.jpg%22%2C%22alt%22%3A%22Seeing%20AI%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Fnews%2Fpress-releases%2F6%2520Longer%2520healthier%2520lives%2520more%2520likely%2520in%2520countries.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Fnews%2Fpress-releases%2Fotrivin-haleon.png%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Four-impact%2FHaleon-4466.jpg%22%2C%22alt%22%3A%22Health%20inclusivity%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Four-impact%2FSite%2520based%2520solar%2520energy%2520-%2520DJI_0006.JPG%22%2C%22alt%22%3A%22Zero100%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fexperience-fragments%2Fhaleon%2Fcorporate%2Fheader%2Fmaster%2F_jcr_content%2Froot%2Fcontainer%2Fcontainer_481579621%2Fimage.coreimg.svg%2F1678803006119%2Fhaleon-logo-white.svg%22%2C%22alt%22%3A%22Logo%20of%20Haleon%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1697824777924
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 31214d060a63dede23c80d631a4fcca43e4494f4b396d9074c2f7fe5be292f30

Request headers

Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 Oct 2023 21:50:02 GMT
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P2
age: 1632
x-77-cache: HIT
x-accel-date: 1698265938
x-service-version: img-dscr-srv-f045ad32
x-77-nzt: AsO1rw43Nzeh1GY4nDc3N/84EgAA
x-accel-expires: @1698870738
x-77-age: 4664
x-cache-lb: MISS
server: CDN77-Turbo
etag: W/"ddc-GiamQ3gCrX1ErEXeDJiqKCDQDxM"
x-77-nzt-ray: 90833930680ec0348a8d3965758b7b13
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
access-control-allow-headers: *
x-amz-cf-id: ZGul8-2jIvvInr4L41ctxg6SkppW2xG2MTR8CZJmGzOXtJaCJim7Rg==

OPTIONS
H2 200 pdf-links
api.userway.org/api/br-links/v0/ Frame 0
0 176ms
176ms Preflight 2600:1f14:5db:eb00:9c56:7ebd:15bd:cb0a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/pdf-links
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:9c56:7ebd:15bd:cb0a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haleon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: no-cache, no-store, must-revalidate
date: Wed, 25 Oct 2023 21:50:02 GMT
x-service-version: apps-70fa83c1

GET
H2 200 slick_slider_1697824777924.js Show response
cdn.userway.org/widgetapp/2023-10-20-17-59-37/remediation/ 6 KB
2 KB 46ms
46ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/remediation/slick_slider_1697824777924.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/widget_app_base_1697824777924.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 57bdcfeb221eda39bee4e4b432a0c744e54c434e17c4d306a3c0c46ba5ab7f6d

Request headers

Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 Oct 2023 21:50:02 GMT
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 445475
x-amz-cf-pop: FRA60-P3
age: 99
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1697825127
x-77-nzt: AcO1rw43Nzf/I8wGAA
x-accel-expires: @1723745127
x-77-age: 445475
x-cache-lb: HIT
last-modified: Fri, 20 Oct 2023 18:02:01 GMT
server: CDN77-Turbo
etag: W/"e10fae404b3c9ee43d2a1e7324312b7c"
x-77-nzt-ray: 90833930680ec0348a8d3965543d8a13
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: Tgg1CAnLdiW_42qs0qhTSgM7nJ7dc_8tV66uoRfyxNxsoCJXSW7EVg==

GET
H2 200 nav_menu_helper_1697824777924.js Show response
cdn.userway.org/widgetapp/2023-10-20-17-59-37/remediation/ 23 KB
7 KB 48ms
47ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/remediation/nav_menu_helper_1697824777924.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/widget_app_base_1697824777924.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6f1d1849e7fe5e6ca4b209d8e80cfd64e00291a78e0836af595f432f1b767180

Request headers

Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 25 Oct 2023 21:50:02 GMT
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 445476
x-amz-cf-pop: FRA60-P3
age: 112
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1697825126
x-77-nzt: AcO1rw43Nzf/JMwGAA
x-accel-expires: @1723745126
x-77-age: 445476
x-cache-lb: HIT
last-modified: Fri, 20 Oct 2023 18:02:00 GMT
server: CDN77-Turbo
etag: W/"16ddc24f8d4cae65f35a3e9940fa747b"
x-77-nzt-ray: 90833930680ec0348a8d3965cffd9413
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: 9I8dSzdxCAE7dsCZQ4f1M8kkiPXwZf33GnNy2l1V2PkkfdvZg4GfNA==

POST
H2 200 pdf-links Show response
api.userway.org/api/br-links/v0/ 20 B
396 B 181ms
180ms XHR
application/json 2600:1f14:5db:eb00:9c56:7ebd:15bd:cb0a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/pdf-links
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:9c56:7ebd:15bd:cb0a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 61260bce94f129e8f85e6a5dcc4c4fb8bc1846bae8e5f8ae0484dd4e6fe5b71c

Request headers

Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 Oct 2023 21:50:02 GMT
etag: W/"14-I+eLc34uO7lHPE89U9ERUA48pFo"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 20
x-service-version: apps-70fa83c1

GET
H2 200 status Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.haleon.com%2F/DESKTOP/WIDGET_ON/ 77 B
454 B 177ms
177ms Fetch
application/json 2600:1f14:5db:eb00:9c56:7ebd:15bd:cb0a
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.haleon.com%2F/DESKTOP/WIDGET_ON/status
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-10-20-17-59-37/widget_app_base_1697824777924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:9c56:7ebd:15bd:cb0a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 21:50:06 GMT
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 77
x-service-version: seo-w-809f5266

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
irs.tools.investis.com/	1970-01-20 15:54:35	Name: AWSALBCORS Value: fh6V+zotC3Os2H8+nPLF0naZIeyZCLUZdbZNvAVgxRLmqJeg314HL0/XmOyJkC+Mub6Q03/yvopeKOoDSxsQOR6Z/O2zBJuzS+TE3JZcSeDQs00jRnwoJcNR1dOX
www.haleon.com/	1970-01-20 15:44:32	Name: gtm_session_start Value: 1698270599996
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: mTC0kkuH83w
.youtube.com/	1970-01-20 20:03:42	Name: VISITOR_INFO1_LIVE Value: V09FOOU924g
.haleon.com/	1970-01-21 00:30:06	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Oct+25+2023+22%3A50%3A00+GMT%2B0100+(British+Summer+Time)&version=202305.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=ccedbc1d-3b38-45c5-b21b-c5dfc70d38da&interactionCount=0&landingPath=https%3A%2F%2Fwww.haleon.com%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.haleon.com/(Line 20) Message: <link rel=preload> has an unsupported `type` value

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a-cf65.ch-static.com
api.userway.org
api.websitecarbon.com
cdn.addevent.com
cdn.cookielaw.org
cdn.userway.org
code.jquery.com
fonts.googleapis.com
geolocation.onetrust.com
haleon.com
irs.tools.investis.com
static.cloudflareinsights.com
unpkg.com
www.googletagmanager.com
www.haleon.com
www.youtube.com
18.238.243.125
2.17.100.194
2600:1f14:5db:eb00:9c56:7ebd:15bd:cb0a
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:4400::6812:2089
2606:4700::6810:3965
2606:4700::6810:7daf
2606:4700::6812:1356
2606:4700::6812:82ec
2a00:1450:4001:808::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:827::200a
2a02:6ea0:c700::10
2a04:4e42:400::649
2a06:98c1:3120::3
85.90.236.47
00b7928237d68d4ee4ee4d9c48e47ca0295e1d93ad19da367f813595efc7c539
00d0bedd13ec03fef9edc37227bfbc71d664c5c211aaf40cac957ec13e1c16eb
01121bfad4c15fc0e8db695a9779024cf7755127c028f5c41439e3609d6a91ff
01e31c5389626c8b4442dea473d9dc21c7b281ea552f75313f640789bf23299c
035d882223386d31a5b48ae230cd3df1021fd24d44343f70a736a6a7bcdb4b88
03f9a9031521db22aa1520725af9a9b6b8bf84ac9e9caea649c4ab3fc6310dc6
078f29b4065f50c14a2caefc646c6eddf0576df19ffd930123cc67899c5667f4
0905f8d2dbf6c1d887bef1a7ab12eb7a561773304079cd230ecb527bb2a74e73
09f4097ec5082afc99f4b1be251c329068273256a16f12060a3eb56c0cfc936c
0df089003b2c47a822fd1a10a7c65e4dd7bc0d731bad9327ebc497077e68bf0e
128442e896c8da3bc48faef5f843b7a4831a04713b10d7f96b8255ecc8753c39
16198d1021bf4d7086c0f2b729547bac8841af36a268389e7e62cc91889d72db
16f855a5ab7e4ad8cd67441a819d1e5500a449f998664bc9fd84df93cf1e5ade
1d384f7743cae8817db5da0fb9f5f9d8c5a5e55a731f2db982c3acec36a9d8b2
1e8fd8ddefcdceef8da0eaa61581e0f2a27792b3549adcb6cf8a8db59d3cc952
200f9498057b19d371e5bc177ed1e7efb4c830dca8c89b329054d89c4c305185
2194def6d1b74f802eb81667e6353c92bc6336244205dede786a4274ca53789b
269d027487fb78aa297c9b5c57a7d12cf286c65b0301df577d652d649ec090f6
26e34b9fbbd2ecafe25af980f19ddc63342ffad01477b0fe851ac8c35bfea847
275e1ae0767bce8d941ae68d0bb52b5e2db1545703609aa3af636203f7260375
28f3d8e0893bc3b99f62b55e9d6e6584a10fbaed5e6ded58371240b1a0045e9f
2a025f87b040f3437bf045e7ffcb4b11abb2023ce2b94938a54674186277fb82
2c5bced06b64e84e26609cf7116dbbc4bc23d73190254eef308d853cebca421f
2ecd5d9645b33877cb4f9533ab65712c73469ec893e12cfba0de4342fbd53c4c
2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809
3039f3728c31674c002c88b2ab7b915cf6d1c6d4d3eaa9aff2a6170bd6e19781
31214d060a63dede23c80d631a4fcca43e4494f4b396d9074c2f7fe5be292f30
320db48546dbc7076280c7efebe750070cff9fa8d6f23ead46ca3238d9939118
34a8d4f240f1b7a01d0472d5367e1bc57e17f70a12a91aae37dcac3b33b24732
382df676d5087471e0aac0d73f8264b36074d17a3897f62f88bb62ca520e4f84
390fb19701464bb77e4e9e866226c6eb2b336c4b04274dc18e1303d82c326b94
393383df7ab920859bf4fa3ea498379f91c71f5d609a47afb3a807373ae55f15
398720e3e7d4564d0daef4d432c932010b4e1ddf708f3443b6d5a365369a0db4
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3a914008ab8ee787c3d3593b8db98c491b1a3526f3c43e919452e7ce0062d2b0
3c8608382a2bf23d63e27c641b359c1852ccc3a10e9bc77b670dc1f61682f68e
40299b9992e3fa25c4c4ac5ea9937464f1902d8215ace04bbcbd637add585a67
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44d18e0cabd7c3a009b6fa64e657cafe48ed56e0167bbcb25c9416282ccd9f19
481c4d894ae0037208e04d9dda439649b4aaa626b77495bbef63f7eb97d25c4e
4cf969a8efc38b1113da52708b3b75f8ba99013291b43cf1d6c39f4d01f8dcdc
4f7ca0c1323ebddec95121eeae89e118bfacec9cc6aa933846076affd7b4c577
55f42d45d026b0ad67c4c1b554c3948de5e1148f83e0fd06e3b939f73ee3ccb6
564050010ad631effd8d89ead0a2856754292964f3bd5ce28fddb428c8b73366
5688f846fd633221837db3a7eb942ffd99400a2b9217a9596e2709639b988551
57bdcfeb221eda39bee4e4b432a0c744e54c434e17c4d306a3c0c46ba5ab7f6d
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56
5c34bd9f319c12b02336e55608d2b8eef829ed50801f77c8a349d31f5041b398
5dd0f3e033d80405477270245bb83a641baa1a81d708ac7c5e2bf0a3b576ca5e
5e021b59b27e1e081e5d25c2d614c05f9b4ce2a0edb84a23e98cf31b5e0436ee
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61260bce94f129e8f85e6a5dcc4c4fb8bc1846bae8e5f8ae0484dd4e6fe5b71c
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6510832114ca770ccb972fab504bf2a7921b480c84c187c7bdb7afd5419473fc
6548dd8235f42fb79c1d59f7c37670bb011ad62038b168b3cfee4d1b6883fd6c
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
67ec7fadd41ba4613a2ab2f10c28429c60a54fec1780a1742c29a03f9dfd7b11
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6d77f856767d92434228b3cec1b6b04e2b75e99c7dc4833aad677c4cf6c3ea2c
6e58f5581d48f82e2c23dfccc6ec98ae5e938828aad350a95ca2fde4ef21442f
6ecae12ea823621b56a17fe50671c924076305b61d18e08514a18898cec86d05
6f1d1849e7fe5e6ca4b209d8e80cfd64e00291a78e0836af595f432f1b767180
6f3195690cc70746dc549a04b37c1b46345ada82aeab9d216c1b29c1393712e7
7010ae5b97d40c090a0874cc907be6f4527bc91f073b186c85d567069a6b9a38
71eda1dba82909d574153cd9f4e2759d44d342b983aa96295f9dff5cc1e64d42
72b9760e75abde5f4ac7f7879ddcffb9d4eda4ba310147588c007f2bf1b0b701
745b2fc2bb216a82145cd6c35e63410fc0634e7e65fa50485a851c43e6789978
79dda5754be6e76106e2a3802d620eec731e240177c251cc0d78a2e77fa450ab
7a94a75459450039b14608c58d1e0df9d59ae805b000024cb2085ac5f37e86e9
7ac3e0475f250086b64cd8e92b65fe18dcfb680f15bbfa97dc828d7bc91dd917
7b4673602d2d5d718b1ebbcd2e49f1028661f5e6f2f462aa1a4da27f4d10e493
7bf9acb0de9cb27fe4c9fc53b2e92eb344ab66bc2573827d439e0608f3a9cadc
7df0b944e7eb282c5158eef9febbad2d215662e2539bc4c41ee2efe59f7c3692
81b4a2adfc76117d0256043a62c129bdfefe4b3e34a6ed2de57bb1ce6256bd9a
86f2eb97cc1f3909c12e4512de9e267215d94ac5aaee9393d0f007f18c34e8ba
8835afd713b55266f2ec5b39466379e7766bc72e3244a8e7b6a50e4a4848624e
89834dd0fe4e0c7d9e0daed8791c5ff5001b206c133de248a17235698e471dc3
8be25d59bdcd4bd764cf192496bfebcd529b56767994aca8093717dc4b79e306
8c9dccb4b346171249ab7713c475e99dba8b2a662f6318dfc6a1baa8ab8deeda
8f4194b0f81cbe99bf736f8d4ebf9f7ec35e4a4aab11b3eb53c76f743a084f4b
930077788dc3f94f1b3d42331fdd33c95c1f06d9ec35deeb9d877b78c9d464ca
93cb4279ebdd41fd5379a1506122b0abfabbbd98ca9be82410ed3d754231dcec
94fbd6fa0d38828afa783ef7e3b7b134776b2bb662e0f9fad65700c3a811c34e
97ffbd4d3e1e06635d9f6a34f3be4415629561f9814f962660d09820ae43b55d
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
9987f99bfa55d6d51302d96e85f37a37c2ab7ba366fbb509485dc11c68c98e78
a2e74960a8a898f89f24941c026b6287a467658c5b4da39b59247020336c1a07
a7cfab815267e7e9e90a4978e5a42476ce28a48983f3a6b8e96eb3e9db2a13c1
a8cd6b278a09b126e1c5a5da368c0c97138484f3663ed0582c95670ea6fe6826
aa76f179fbd749c530e2b888ff7710ad26e4ac980bff52c9d5aebf5907dc4345
aef98e3d57572ea20afe6d4af530e763d83fd029326b68f428aa96c5ba669ad1
b1bc221b0c9d4bbf6a567375e1d1af709cc368201e8a058bdfe4b2e3351aa392
b263f111980d7921ab0f719c39028f849c13ffffefa78044c5d12d2eee2f6561
b3902c23c76dab88eb9b4a0de8fd02a8e0329047b3c1051daa8510ca7eb69a85
b44f42d94dd7530765f21f5b9fd7e853ce19755f00ff5f1f53644a3098d3755d
b56b79f8811aa833678c36f8c604be4bcce447ffde377b1faf4c311eb55154e0
b5f819a3646ded3c72b22ed7e5786d106862362a080da10f2396c0a3fe96ef98
b75c3954d032885ad697300a73e46e5f48c1e0d772f12ffd1ae339abbc6fa92e
ba044862704f1def24eece53c5aaf10e4d551f8326145609540db39427d036a5
bb748c805fcf3df15834cc00c3b1a6a92b3f39755ecccd221dd6b57242cfc51d
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c80f3db5489eadbd2d3a4b8cf98978aff1b90db06ef23008241edaa559c86786
cac7673ef34ddada4514379e77e8eee49c1145f524b784b77b70e0cc9f2fdb4d
cbe7baf7646acd378f4825ff2a8b2d311266b776b558ae48aad8686d551c4f41
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d0c233d327541d2961f1cde9e53a6166279655f4d4041c1bc458ac1701827719
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d4763209eb337b9e86a4226963cd91e9c9716c4a7acf8c1beab49a316bd8a73d
d4e0b51db940e096731fbe30fb3b9367be7f56e67005d654ad088512e1811ecd
d73b9bc99c23b17226279052b18b354b6157cbfb4fd906b5a6347da0a6856d20
db645e8a34bfffb0cfc4ec884f717ad9fded1099ca09b8c1f82bd938bbf8069b
dcc9866372cf9a1322d0d62a36e81b1a7222afa4042ecd7d07fbd19fd9afcd76
de5d9ef792760e1a8783ac37f63ac54c872b5f6442db688fc10d72c6cedbdb33
df2f5ecb6da664ac6b8160778bee5df75f5b55b2532badf2e1ccf3a216cbf8c3
e147ca0efc3c14a9e0bf601fee78dd84b18c86db73a33817e38c1d07bfe9b897
e16402cfb85a3d41688fa6d288b283bccba48986fd8354e0bf9abd4b7ebec385
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60e49d3328e106e0df7b7aa5eb36b88b777a29c8bcea6627d1bb8d795c5bfa3
e80542c184a6e4b487b17ec632f90e7b4ba8a9a1e2fbeee0906aefd3f3e8ec03
e999f2fecc27404272c7e1ec2b22f5c31efa2c0dab92745b648922a45a67673a
ecb36b720daac7b62ebfa04530cecc177f6ab5e3cb6059dd1bb8c57a92025f79
ed3a69e3267f056582ed012f7252319adb227fed203a4781eb820ea732aa4594
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f648b3d8294708a4d777f4596f336f639190b1ed7e5656a81d2f2bd9fc93f218
fbb6372b9e70140f4cf9362f1f52ea17423e8e28376e583d2aae443b5521e4ca
fc1ba5b02a9c381541fa4fb0479665301b6881bc359340cf9ff584583ee90996
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.haleon.com Open in urlscan Pro 2606:4700::6812:1356 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

141 Requests

100 %HTTPS

81 %IPv6

14 Domains

16 Subdomains

16 IPs

3 Countries

9797 kBTransfer

12418 kBSize

5 Cookies

29 Outgoing links

Page URL History

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.haleon.com Open in urlscan Pro
2606:4700::6812:1356 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

100 %
HTTPS

81 %
IPv6

14
Domains

16
Subdomains

16
IPs

3
Countries

9797 kB
Transfer

12418 kB
Size

5
Cookies

141 HTTP transactions
1 data transactions