www.haleon.com Open in urlscan Pro
2606:4700::6812:1256 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://haleon.com/
Effective URL:
https://www.haleon.com/
Submission: On May 18 via api (May 18th 2023, 9:38:24 pm UTC) from US — Scanned from NL

Summary HTTP 135 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 13 domains to perform 135 HTTP transactions. The main IP is 2606:4700::6812:1256, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.haleon.com. The Cisco Umbrella rank of the primary domain is 270591.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 14th 2023. Valid for: a year.

This is the only time www.haleon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	85.90.236.47 85.90.236.47	15830 (EQUINIX) (EQUINIX)
85	2606:4700::68... 2606:4700::6812:1256	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	23.36.162.220 23.36.162.220	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
8	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.114 18.66.112.114	16509 (AMAZON-02) (AMAZON-02)
5	54.245.246.59 54.245.246.59	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6813:bc61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9062	13335 (CLOUDFLAR...) (CLOUDFLARENET)
135	15

1 85.90.236.47 (City of Westminster, United Kingdom) 1 redirects

ASN15830 (EQUINIX, NL)

haleon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

85 2606:4700::6812:1256 (United States)

ASN13335 (CLOUDFLARENET, US)

www.haleon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 23.36.162.220 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-220.deploy.static.akamaitechnologies.com

irs.tools.investis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

api.websitecarbon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-114.fra56.r.cloudfront.net

cdn.addevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.245.246.59 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-245-246-59.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:bc61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
86	haleon.com 1 redirects haleon.com — Cisco Umbrella Rank: 151896 www.haleon.com — Cisco Umbrella Rank: 270591	7 MB
16	investis.com irs.tools.investis.com — Cisco Umbrella Rank: 58567	459 KB
13	userway.org cdn.userway.org — Cisco Umbrella Rank: 4174 api.userway.org — Cisco Umbrella Rank: 4126	114 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 368	180 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 80	63 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 696	61 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 587	304 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	addevent.com cdn.addevent.com — Cisco Umbrella Rank: 24212	8 KB
1	websitecarbon.com api.websitecarbon.com — Cisco Umbrella Rank: 390371	616 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	78 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 822	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 875	7 KB
135	13

	Domain	Requested by
85	www.haleon.com	www.haleon.com
16	irs.tools.investis.com	www.haleon.com irs.tools.investis.com code.jquery.com
10	cdn.cookielaw.org	www.googletagmanager.com www.haleon.com cdn.cookielaw.org
8	cdn.userway.org	www.haleon.com cdn.userway.org
5	api.userway.org	www.haleon.com
2	www.youtube.com	www.haleon.com www.youtube.com
2	code.jquery.com	irs.tools.investis.com
1	geolocation.onetrust.com	www.haleon.com
1	fonts.googleapis.com	client
1	cdn.addevent.com	www.haleon.com
1	api.websitecarbon.com	unpkg.com
1	www.googletagmanager.com	www.haleon.com
1	unpkg.com	www.haleon.com
1	static.cloudflareinsights.com	www.haleon.com
1	haleon.com	1 redirects
135	15

This site contains links to these domains. Also see Links.

Domain
otp.investis.com
www.youtube.com
www.google.com
www.instagram.com
www.linkedin.com
websitecarbon.com
supplier.haleon.com
www.terms.haleon.com
www.privacy.haleon.com
haleon-privacy.my.onetrust.com
health1.aetna.com
transparency-in-coverage.uhc.com
privacy.haleon.com
www.onetrust.com

Subject Issuer	Validity	Valid
haleon.com Cloudflare Inc ECC CA-3	`2023-03-14` - `2024-03-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
irs.tools.investis.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2023-03-13` - `2023-06-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
api.websitecarbon.com Cloudflare Inc ECC CA-3	`2022-08-04` - `2023-08-03`	a year	crt.sh
*.addevent.com Amazon RSA 2048 M01	`2023-02-28` - `2023-09-26`	7 months	crt.sh
api.userway.org Amazon RSA 2048 M02	`2023-02-09` - `2023-10-31`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.haleon.com/
Frame ID: DBF730681416ABA8F7B822DEC88978B7
Requests: 116 HTTP requests in this frame

Frame: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
Frame ID: F3AEBB79828C70E004CF9C4D961D64CF
Requests: 9 HTTP requests in this frame

Frame: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
Frame ID: 237420CF1D81AAB89DB4DA2313BA8CAF
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - HaleonBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://haleon.com/ HTTP 301
https://www.haleon.com/ Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

135
Requests

100 %
HTTPS

73 %
IPv6

13
Domains

15
Subdomains

15
IPs

4
Countries

7733 kB
Transfer

9988 kB
Size

4
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: http://otp.investis.com/generic/regulatory-story.aspx?newsid=1687995&cid=2805
Title: Holding(s) in Company

Search URL Search Domain Scan URL

URL: http://otp.investis.com/generic/regulatory-story.aspx?newsid=1687993&cid=2805
Title: Holding(s) in Company

Search URL Search Domain Scan URL

URL: http://otp.investis.com/generic/regulatory-story.aspx?newsid=1687423&cid=2805
Title: Director/PDMR Shareholding

Search URL Search Domain Scan URL

URL: http://otp.investis.com/generic/regulatory-story.aspx?newsid=1687229&cid=2805
Title: EMTN programme publication of base prospectus

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=MWmNuZJ5Q0s

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=rQc94O6VQI0

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=tRp34mz-r18

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=Qp_kYb4s_WM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=MNQD6owK6EE

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=eNZZe56WKhE

Search URL Search Domain Scan URL

URL: https://www.google.com/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/haleon/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCeRp3iDRROr1lj1jkXScycA
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/haleon
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://websitecarbon.com/
Title: Website Carbon

Search URL Search Domain Scan URL

URL: https://supplier.haleon.com/irj/portal/public?guest_user=SUP_GUEST_EN
Title: Supplier portal

Search URL Search Domain Scan URL

URL: https://www.terms.haleon.com/en-gb/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.privacy.haleon.com/en-gb/
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://haleon-privacy.my.onetrust.com/webform/9ff761e6-6f16-4e20-800d-92706b153697/aab0d980-b305-4dc6-ac75-08f4a44b3442
Title: Your Privacy Choices (U.S.)

Search URL Search Domain Scan URL

URL: https://health1.aetna.com/app/public/#/one/insurerCode=AETNACVS_I&brandCode=ALICSI/machine-readable-transparency-in-coverage?searchTerm=111579681&lock=true
Title: Aetna

Search URL Search Domain Scan URL

URL: https://transparency-in-coverage.uhc.com/
Title: United Healthcare

Search URL Search Domain Scan URL

URL: https://privacy.haleon.com/en-gb/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://haleon.com/ HTTP 301
https://www.haleon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

135 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.haleon.com/
Redirect Chain

http://haleon.com/
https://www.haleon.com/

99 KB
16 KB

142ms
40ms

Document
text/html

2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d3922cdac3052d79c6f4762987bb29ebd1aa78e3a00e0449e594c7389406dd1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 101265
bsg-cdn: P
cache-control: public, max-age=86400
cf-cache-status: HIT
cf-ray: 7c973f0dfe4d3668-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
content-type: text/html; charset=UTF-8
date: Thu, 18 May 2023 21:38:17 GMT
expires: Fri, 19 May 2023 21:38:17 GMT
last-modified: Wed, 17 May 2023 17:10:06 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: text/html; charset=UTF-8
Location: https://www.haleon.com/

GET
H2 200 NewHeroAccess-Regular.woff
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/ 89 KB
90 KB 36ms
33ms Font
application/font-woff 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/NewHeroAccess-Regular.woff

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f648b3d8294708a4d777f4596f336f639190b1ed7e5656a81d2f2bd9fc93f218

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:17 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 394254
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Thu, 13 Apr 2023 06:29:37 GMT
server: cloudflare
etag: W/"165b8-5f931d94a05f3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff
cache-control: public, max-age=86400
cf-ray: 7c973f0e4e853668-FRA
expires: Fri, 19 May 2023 21:38:17 GMT

GET
H2 200 NewHeroAccess-Medium.woff2
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/ 82 KB
82 KB 66ms
57ms Font
text/plain 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/NewHeroAccess-Medium.woff2

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc9866372cf9a1322d0d62a36e81b1a7222afa4042ecd7d07fbd19fd9afcd76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1955725
content-length: 83488
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Thu, 13 Apr 2023 06:26:44 GMT
server: cloudflare
etag: W/"14620-5f931cef0cf11"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c973f0e6ebe3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 NewHeroAccess-ExtraBold.woff2
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/ 83 KB
85 KB 67ms
57ms Font
text/plain 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/NewHeroAccess-ExtraBold.woff2

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b56b79f8811aa833678c36f8c604be4bcce447ffde377b1faf4c311eb55154e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 394256
content-length: 84964
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Thu, 13 Apr 2023 06:29:37 GMT
server: cloudflare
etag: "14be4-5f931d94a4dcc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c973f0e6ec03668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 NewHeroAccess-Bold.woff2
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/ 82 KB
84 KB 81ms
72ms Font
text/plain 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/NewHeroAccess-Bold.woff2

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5688f846fd633221837db3a7eb942ffd99400a2b9217a9596e2709639b988551

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 394256
content-length: 84304
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Thu, 13 Apr 2023 06:29:37 GMT
server: cloudflare
etag: "14950-5f931d94a38bb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c973f0e6ec13668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/ 262 KB
25 KB 57ms
48ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ee2551e31093d7ba5015d5f4ee7247ec8f82d40e3fc83e8bf30384c55706141

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:17 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1955725
cf-polished: origSize=271683
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Wed, 19 Apr 2023 08:44:57 GMT
server: cloudflare
etag: W/"42543-5f9ac705283bf"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e4e883668-FRA
expires: Fri, 19 May 2023 21:38:17 GMT

GET
H2 200 site.min.44a1783be8e88dc73188908af6c38c01.css
www.haleon.com/etc.clientlibs/core/wcm/components/accordion/v1/accordion/clientlibs/ 185 B
227 B 60ms
51ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/core/wcm/components/accordion/v1/accordion/clientlibs/site.min.44a1783be8e88dc73188908af6c38c01.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b4673602d2d5d718b1ebbcd2e49f1028661f5e6f2f462aa1a4da27f4d10e493

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:17 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=188
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 06:26:44 GMT
server: cloudflare
etag: W/"bc-5f931cef0e299"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e4e8a3668-FRA
expires: Fri, 19 May 2023 21:38:17 GMT

GET
H2 200 site.min.59c0d61dcf5eacb237a83816c6996ebd.css
www.haleon.com/etc.clientlibs/core/wcm/components/carousel/v1/carousel/clientlibs/ 551 B
356 B 60ms
52ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/core/wcm/components/carousel/v1/carousel/clientlibs/site.min.59c0d61dcf5eacb237a83816c6996ebd.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f7ca0c1323ebddec95121eeae89e118bfacec9cc6aa933846076affd7b4c577

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:17 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1955725
cf-polished: origSize=559
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 06:26:42 GMT
server: cloudflare
etag: W/"22f-5f931ced7344f"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e5e8b3668-FRA
expires: Fri, 19 May 2023 21:38:17 GMT

GET
H2 200 clientlibs.min.d54c23ba76bd8648119795790ae83779.css
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/tabs/v1/tabs/ 304 B
286 B 55ms
47ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/tabs/v1/tabs/clientlibs.min.d54c23ba76bd8648119795790ae83779.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8cd6b278a09b126e1c5a5da368c0c97138484f3663ed0582c95670ea6fe6826

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:17 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=308
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:18:27 GMT
server: cloudflare
etag: W/"134-5f94c83cb5cce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e5e8c3668-FRA
expires: Fri, 19 May 2023 21:38:17 GMT

GET
H2 200 vendor-clientlibs.min.e48599f4428c69904e136629273e7091.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/ 18 KB
5 KB 54ms
46ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/vendor-clientlibs.min.e48599f4428c69904e136629273e7091.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e16402cfb85a3d41688fa6d288b283bccba48986fd8354e0bf9abd4b7ebec385

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:17 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1954202
cf-polished: origSize=19065
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 06:26:44 GMT
server: cloudflare
etag: W/"4a79-5f931cef059e1"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e5e8d3668-FRA
expires: Fri, 19 May 2023 21:38:17 GMT

GET
H2 200 clientlibs.min.d41d8cd98f00b204e9800998ecf8427e.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/homepage/ 0
77 B 55ms
47ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/homepage/clientlibs.min.d41d8cd98f00b204e9800998ecf8427e.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:17 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 393632
content-length: 0
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:18:27 GMT
server: cloudflare
etag: "0-5f94c83c9e9b5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c973f0e5e8e3668-FRA
expires: Fri, 19 May 2023 21:38:17 GMT

GET
H2 200 clientlibs.min.fdbbf601711ed1a8af4ec660abfffe5a.css
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/sitesearch/searchfield/ 594 B
2 KB 57ms
48ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/sitesearch/searchfield/clientlibs.min.fdbbf601711ed1a8af4ec660abfffe5a.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4763209eb337b9e86a4226963cd91e9c9716c4a7acf8c1beab49a316bd8a73d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:17 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=611
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 06:26:44 GMT
server: cloudflare
etag: W/"263-5f931cef3c481"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e5e8f3668-FRA
expires: Fri, 19 May 2023 21:38:17 GMT

GET
H2 200 site.min.b104a4a85c21511ada13e2c6e7552d37.css
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/image/clientlibs/ 29 B
270 B 56ms
48ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/image/clientlibs/site.min.b104a4a85c21511ada13e2c6e7552d37.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34a8d4f240f1b7a01d0472d5367e1bc57e17f70a12a91aae37dcac3b33b24732

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:17 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
content-length: 29
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 06:26:44 GMT
server: cloudflare
etag: "1d-5f931cef0bb89"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c973f0e5e933668-FRA
expires: Fri, 19 May 2023 21:38:17 GMT

GET
H2 200 clientlibs.min.678529bdf3a4377ad53eddfaad041267.css
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/video/damvideo/ 743 B
460 B 59ms
51ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/video/damvideo/clientlibs.min.678529bdf3a4377ad53eddfaad041267.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bf9acb0de9cb27fe4c9fc53b2e92eb344ab66bc2573827d439e0608f3a9cadc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:17 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=751
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 23:42:22 GMT
server: cloudflare
etag: W/"2ef-5f954647ed636"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e5e953668-FRA
expires: Fri, 19 May 2023 21:38:17 GMT

GET
H2 200 clientlibs.min.ac454580b0f82967c3a2d72f50c05d29.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/pageteaser/ 19 KB
2 KB 60ms
52ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/pageteaser/clientlibs.min.ac454580b0f82967c3a2d72f50c05d29.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c2865a2dbf377d9916f4e21de56f5e61c097336314eb307e413f8af88eb805f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=19789
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Mon, 17 Apr 2023 03:16:50 GMT
server: cloudflare
etag: W/"4d4d-5f97f9f304b29"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e6ead3668-FRA
expires: Fri, 19 May 2023 21:38:17 GMT

GET
H2 200 clientlibs.min.4fd3a51fcf4962f55d1eea4adb2f7ba9.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/html/ 20 B
126 B 78ms
71ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/html/clientlibs.min.4fd3a51fcf4962f55d1eea4adb2f7ba9.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

035d882223386d31a5b48ae230cd3df1021fd24d44343f70a736a6a7bcdb4b88

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1953868
content-length: 20
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 06:26:44 GMT
server: cloudflare
etag: W/"14-5f931cef05211"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c973f0e6eae3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.64c32a9511d1cdef0ea3310ab4a4e943.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/banner/ 28 KB
4 KB 60ms
53ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/banner/clientlibs.min.64c32a9511d1cdef0ea3310ab4a4e943.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d6f3e95d0bcf6423200dd54b96616aedc329a412bab352a0c281a9baa09247f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 2538855
cf-polished: origSize=29263
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Wed, 19 Apr 2023 08:52:08 GMT
server: cloudflare
etag: W/"724f-5f9ac89fa32de"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e6eaf3668-FRA
expires: Fri, 19 May 2023 21:38:17 GMT

GET
H2 200 clientlibs.min.86ab8274351383f0c2d0760418a41322.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/ 30 KB
3 KB 78ms
70ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/clientlibs.min.86ab8274351383f0c2d0760418a41322.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55e2f5b2e1ab6c1d45745d9a99121b3d2b1e456eb5ab36895543e3f42665b1e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1955726
cf-polished: origSize=31548
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 06:26:44 GMT
server: cloudflare
etag: W/"7b3c-5f931cef37279"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e6eb23668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.d84933f1a6f54b27525c436f7cefb11f.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/homepagecarousel/ 31 KB
3 KB 80ms
73ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/homepagecarousel/clientlibs.min.d84933f1a6f54b27525c436f7cefb11f.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d9539d3349e684f8e47a24d224f9f669ec1da14ad76f9707562b8c84d341770

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1953514
cf-polished: origSize=31971
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 06:26:44 GMT
server: cloudflare
etag: W/"7ce3-5f931cef04a41"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e6eb33668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.dd826a69e65a21603dd5871e2bb6d9b4.css
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/eventlist/ 235 B
204 B 64ms
56ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/eventlist/clientlibs.min.dd826a69e65a21603dd5871e2bb6d9b4.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e60e49d3328e106e0df7b7aa5eb36b88b777a29c8bcea6627d1bb8d795c5bfa3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398705
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 23:42:24 GMT
server: cloudflare
etag: W/"eb-5f954649d6cac"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e6eb43668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.8af336a272e8932bdaea9476e3ae69d6.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/eventteaser/ 18 KB
2 KB 64ms
57ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/eventteaser/clientlibs.min.8af336a272e8932bdaea9476e3ae69d6.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfe8046682d27741eccd1f94e78c0865d67573bf647e53226bdd344058130006

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398705
cf-polished: origSize=18396
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:18:29 GMT
server: cloudflare
etag: W/"47dc-5f94c83ed11ce"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e6eb63668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.d1a13e9f1ed62b4893abca050c0b0e43.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/decorator/ 13 KB
1 KB 63ms
56ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/decorator/clientlibs.min.d1a13e9f1ed62b4893abca050c0b0e43.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ed5f5ca449bc01efd1589117449e19faa028d4e9db97137834384003a55c12e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398705
cf-polished: origSize=13228
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Thu, 20 Apr 2023 13:39:54 GMT
server: cloudflare
etag: W/"33ac-5f9c4acf826da"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e6eb73668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.247e68e7da77bf348e10e12e406e39c8.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/documentteaser/ 15 KB
2 KB 77ms
70ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/documentteaser/clientlibs.min.247e68e7da77bf348e10e12e406e39c8.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

695d8c36bd002e5695760f3633502344f785f3fbdbc8454d858fd2e197e0efc5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398705
cf-polished: origSize=15294
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:18:29 GMT
server: cloudflare
etag: W/"3bbe-5f94c83eb259d"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e6eb83668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.e9b300c5c41920b55ed6df9af34d6d27.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/socialfeed/ 12 KB
1 KB 76ms
69ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/socialfeed/clientlibs.min.e9b300c5c41920b55ed6df9af34d6d27.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2879b4eed0880c86b3806361f6f904842f1eec330184dff28cfb894a63ed0477

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398705
cf-polished: origSize=12761
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:18:29 GMT
server: cloudflare
etag: W/"31d9-5f94c83eaf2d5"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e6ebb3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.f16839193acd06c401eadbcb5a97641d.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/haleonvideo/ 14 KB
2 KB 80ms
73ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/haleonvideo/clientlibs.min.f16839193acd06c401eadbcb5a97641d.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d5832709c9d15ebe8c7636536717655053bdf5c9b066b9ff5819d8c5a6803b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 151441
cf-polished: origSize=14251
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:18:30 GMT
server: cloudflare
etag: W/"37ab-5f94c83f89a43"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 7c973f0e6ec23668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 Mask%20Group%2016.png
www.haleon.com/content/dam/compass-group/corporate/group-foundation/ 107 KB
107 KB 72ms
71ms Image
image/webp 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/compass-group/corporate/group-foundation/Mask%20Group%2016.png

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200f9498057b19d371e5bc177ed1e7efb4c830dca8c89b329054d89c4c305185

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 2425931
cf-polished: origFmt=png, origSize=217185
content-disposition: inline; filename="Mask%20Group%2016.webp"
content-length: 109708
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Mon, 06 Mar 2023 12:54:45 GMT
server: cloudflare
etag: "35061-5f63acca3c859"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c973f0e6ec43668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 rocket-loader.min.js Show response
www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 52ms
52ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 May 2023 10:15:41 GMT
server: cloudflare
etag: W/"6465facd-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7c973f0e6ec53668-FRA
expires: Sat, 20 May 2023 21:38:17 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 117ms
56ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7c973f0eb8a83669-FRA

GET
H/1.1 200
OK ticker_lse.aspx Show response
irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ Frame F3AE 10 KB
3 KB 190ms
104ms Document
text/html 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

21c730f18cca39f60a57bc1417e93673eb96203323c648a644251ebac4408c34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: private, max-age=90
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3177
Content-Type: text/html; charset=utf-8
Date: Thu, 18 May 2023 21:38:18 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK ticker_nyse.aspx Show response
irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ Frame 2374 10 KB
4 KB 216ms
132ms Document
text/html 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

620c34f9406063da6d8f8c2b6ae2e0858b409420022ba642fb0f48a31221e781

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3155
Content-Type: text/html; charset=utf-8
Date: Thu, 18 May 2023 21:38:18 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 206 Home%20banner%20new%20at%2018%20March.mp4
www.haleon.com/content/dam/haleon/corporate/videos/ 3 MB
3 MB 68ms
67ms Media
video/mp4 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/dam/haleon/corporate/videos/Home%20banner%20new%20at%2018%20March.mp4

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ffbd4d3e1e06635d9f6a34f3be4415629561f9814f962660d09820ae43b55d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 314905
Content-Range: bytes 0-2954349/2954350
Content-Length: 2954350
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Mon, 20 Mar 2023 14:24:57 GMT
server: cloudflare
etag: "2d146e-5f755b1036db5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: video/mp4
cache-control: public, max-age=86400
cf-ray: 7c973f0e7ec63668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 206 Haleon-homepage-ambient-video.mp4
www.haleon.com/content/dam/haleon/corporate/videos/home/ 2 MB
2 MB 55ms
55ms Media
video/mp4 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/dam/haleon/corporate/videos/home/Haleon-homepage-ambient-video.mp4

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c9dccb4b346171249ab7713c475e99dba8b2a662f6318dfc6a1baa8ab8deeda

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 2178417
Content-Range: bytes 0-2551562/2551563
Content-Length: 2551563
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 14 Mar 2023 10:27:56 GMT
server: cloudflare
etag: "26ef0b-5f6d9ae542680"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: video/mp4
cache-control: public, max-age=86400
cf-ray: 7c973f0e7ec93668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 search-whote.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 698 B
1 KB 37ms
36ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/search-whote.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9987f99bfa55d6d51302d96e85f37a37c2ab7ba366fbb509485dc11c68c98e78

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 398705
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=kWjStdxJXhg9juGWgWo.uwKsjYh0B6vAJw2Mkmuo7Kg-1684445898-0-ARlBAP81Bt7PrCeSohECN0Q-rgV-7ktuuVSpOk4v9op7xlttbovlUXl0rkh_22wkpDWKjOokKX2J8oyWYIJhGUQRXOqRdESucpZzEfc4ftTd1Pw2pjcroOKb4yRUTvdbh9Av4cMp0yYjV2OF7M24Pcs; report-to cf-csp-endpoint
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 14 Apr 2023 09:56:38 GMT
server: cloudflare
etag: W/"2ba-5f948db7d3ee7"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=kWjStdxJXhg9juGWgWo.uwKsjYh0B6vAJw2Mkmuo7Kg-1684445898-0-ARlBAP81Bt7PrCeSohECN0Q-rgV-7ktuuVSpOk4v9op7xlttbovlUXl0rkh_22wkpDWKjOokKX2J8oyWYIJhGUQRXOqRdESucpZzEfc4ftTd1Pw2pjcroOKb4yRUTvdbh9Av4cMp0yYjV2OF7M24Pcs"}],"group":"cf-csp-endpoint","max_age":86400}
cache-control: public, max-age=86400
cf-ray: 7c973f0eff863668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 haleon-logo-black.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/logos/ 1 KB
2 KB 36ms
35ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/logos/haleon-logo-black.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b75c3954d032885ad697300a73e46e5f48c1e0d772f12ffd1ae339abbc6fa92e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 398705
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Thu, 20 Apr 2023 05:53:59 GMT
server: cloudflare
etag: W/"572-5f9be2ab9298b"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f0eff873668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 chat-black.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 725 B
516 B 39ms
37ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/chat-black.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c34bd9f319c12b02336e55608d2b8eef829ed50801f77c8a349d31f5041b398

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 398705
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 14 Apr 2023 14:18:32 GMT
server: cloudflare
etag: W/"2d5-5f94c841019f8"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f0eff883668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 chevron-down-white.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 241 B
321 B 37ms
36ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/chevron-down-white.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d384f7743cae8817db5da0fb9f5f9d8c5a5e55a731f2db982c3acec36a9d8b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 398705
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Thu, 20 Apr 2023 13:40:25 GMT
server: cloudflare
etag: W/"f1-5f9c4aed6a463"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f0eff8b3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 ellipse-primary.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 150 B
230 B 41ms
40ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ellipse-primary.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/clientlibs.min.86ab8274351383f0c2d0760418a41322.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2e74960a8a898f89f24941c026b6287a467658c5b4da39b59247020336c1a07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/clientlibs.min.86ab8274351383f0c2d0760418a41322.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 398705
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 14 Apr 2023 14:18:30 GMT
server: cloudflare
etag: W/"96-5f94c8400056c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f0eff8c3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 arrow-right-black.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 300 B
2 KB 37ms
36ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/arrow-right-black.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81b4a2adfc76117d0256043a62c129bdfefe4b3e34a6ed2de57bb1ce6256bd9a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 398705
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 14 Apr 2023 14:18:30 GMT
server: cloudflare
etag: W/"12c-5f94c83ff2e93"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f0f0f913668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 markers-updated.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 3 KB
542 B 37ms
37ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/markers-updated.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c80f3db5489eadbd2d3a4b8cf98978aff1b90db06ef23008241edaa559c86786

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1953867
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Thu, 13 Apr 2023 06:26:40 GMT
server: cloudflare
etag: W/"a1c-5f931ceb33107"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f0f0f923668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 arrow-right-primary.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 302 B
322 B 67ms
67ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/arrow-right-primary.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dd0f3e033d80405477270245bb83a641baa1a81d708ac7c5e2bf0a3b576ca5e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 393633
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Mon, 17 Apr 2023 03:16:52 GMT
server: cloudflare
etag: W/"12e-5f97f9f53b6ca"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f0f0f9d3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 plus-black.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 179 B
2 KB 68ms
68ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/plus-black.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/eventteaser/clientlibs.min.8af336a272e8932bdaea9476e3ae69d6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e021b59b27e1e081e5d25c2d614c05f9b4ce2a0edb84a23e98cf31b5e0436ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/eventteaser/clientlibs.min.8af336a272e8932bdaea9476e3ae69d6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1911774
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Thu, 13 Apr 2023 06:26:40 GMT
server: cloudflare
etag: W/"b3-5f931ceb603b1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f0f0fa03668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 vector-decoration-light-bg.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 2 KB
508 B 66ms
64ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/vector-decoration-light-bg.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e147ca0efc3c14a9e0bf601fee78dd84b18c86db73a33817e38c1d07bfe9b897

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 393633
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 18 Apr 2023 02:07:21 GMT
server: cloudflare
etag: W/"71e-5f992c48d99cc"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f0f0fa23668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 tabs-social-insta.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 4 KB
1 KB 65ms
64ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/tabs-social-insta.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01121bfad4c15fc0e8db695a9779024cf7755127c028f5c41439e3609d6a91ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 393633
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 14 Apr 2023 23:42:32 GMT
server: cloudflare
etag: W/"e40-5f954651f2041"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f0f0fa43668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 tabs-social-youtube.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 791 B
1 KB 66ms
65ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/tabs-social-youtube.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03f9a9031521db22aa1520725af9a9b6b8bf84ac9e9caea649c4ab3fc6310dc6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1953867
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=j5Rxgv5gd0XZUjo6wxwL7Y50owIszd1vRIaUaODNUhE-1684445898-0-ASnnriSfp2AnvU28oEMU0UTXoC2mpJkS4RAA6Fy2o6AwP1PXNNc_tp0KvcEyzXl4M9f5_ooPlZO4P1L2IgDBOPsX4q0swS8zGe3uiY2SazKocZxdb1x00HZ-U642Rxf12Wt1sGbFpvUAICXkecM1gtc; report-to cf-csp-endpoint
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Thu, 13 Apr 2023 06:26:41 GMT
server: cloudflare
etag: W/"317-5f931cec7982b"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=j5Rxgv5gd0XZUjo6wxwL7Y50owIszd1vRIaUaODNUhE-1684445898-0-ASnnriSfp2AnvU28oEMU0UTXoC2mpJkS4RAA6Fy2o6AwP1PXNNc_tp0KvcEyzXl4M9f5_ooPlZO4P1L2IgDBOPsX4q0swS8zGe3uiY2SazKocZxdb1x00HZ-U642Rxf12Wt1sGbFpvUAICXkecM1gtc"}],"group":"cf-csp-endpoint","max_age":86400}
cache-control: public, max-age=86400
cf-ray: 7c973f0f0fa53668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 tabs-social-linkedin.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 775 B
537 B 68ms
66ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/tabs-social-linkedin.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

398720e3e7d4564d0daef4d432c932010b4e1ddf708f3443b6d5a365369a0db4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1911624
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Thu, 13 Apr 2023 06:26:41 GMT
server: cloudflare
etag: W/"307-5f931cec630ca"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f0f0fa63668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 social-instagram.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 3 KB
1 KB 69ms
68ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/social-instagram.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d0bedd13ec03fef9edc37227bfbc71d664c5c211aaf40cac957ec13e1c16eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 398705
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 14 Apr 2023 14:18:32 GMT
server: cloudflare
etag: W/"cac-5f94c841bfcfb"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f0f0fa83668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 social-youtube.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 593 B
425 B 71ms
70ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/social-youtube.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b44f42d94dd7530765f21f5b9fd7e853ce19755f00ff5f1f53644a3098d3755d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 398705
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 18 Apr 2023 22:52:49 GMT
server: cloudflare
etag: W/"251-5f9a42aa9943c"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f0f0faa3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 social-linkedin.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 771 B
539 B 71ms
71ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/social-linkedin.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ecae12ea823621b56a17fe50671c924076305b61d18e08514a18898cec86d05

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 149172
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 14 Apr 2023 14:18:30 GMT
server: cloudflare
etag: W/"303-5f94c83ffce09"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f0f0fab3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 arrow-right-tertiary.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 302 B
326 B 68ms
68ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/arrow-right-tertiary.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

745b2fc2bb216a82145cd6c35e63410fc0634e7e65fa50485a851c43e6789978

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 398705
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 25 Apr 2023 20:20:29 GMT
server: cloudflare
etag: W/"12e-5fa2edac4af63"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f0f0fad3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 Haleon-4466.jpg
www.haleon.com/content/dam/haleon/corporate/images/our-impact/ 212 KB
213 KB 66ms
64ms Image
image/jpeg 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/our-impact/Haleon-4466.jpg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72b9760e75abde5f4ac7f7879ddcffb9d4eda4ba310147588c007f2bf1b0b701

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1429345
cf-polished: origSize=217410, status=webp_bigger
content-length: 217402
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Fri, 17 Mar 2023 11:22:10 GMT
server: cloudflare
etag: "35142-5f716c9cea9ea"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c973f0f4fe03668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 site.min.337fa8abe56ed821e49dc6e2baf9ee44.js Show response
www.haleon.com/etc.clientlibs/core/wcm/components/accordion/v1/accordion/clientlibs/ 6 KB
2 KB 65ms
63ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/core/wcm/components/accordion/v1/accordion/clientlibs/site.min.337fa8abe56ed821e49dc6e2baf9ee44.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

564050010ad631effd8d89ead0a2856754292964f3bd5ce28fddb428c8b73366

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=6025
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:18:30 GMT
server: cloudflare
etag: W/"1789-5f94c83fb0040"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f6fff3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.b9ceaf743a34d6ee9e600ad40a7dc18b.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/haleonvideo/ 223 B
2 KB 53ms
49ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/haleonvideo/clientlibs.min.b9ceaf743a34d6ee9e600ad40a7dc18b.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2194def6d1b74f802eb81667e6353c92bc6336244205dede786a4274ca53789b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 23:42:35 GMT
server: cloudflare
etag: W/"df-5f9546543538c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f68013668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.157e0b872d651904fa2c90fc711c5de5.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/youtubefeed/ 1 KB
734 B 53ms
49ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/youtubefeed/clientlibs.min.157e0b872d651904fa2c90fc711c5de5.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

393383df7ab920859bf4fa3ea498379f91c71f5d609a47afb3a807373ae55f15

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=1312
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:18:30 GMT
server: cloudflare
etag: W/"520-5f94c83fb9c81"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f68023668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.10ba16241f3d21842bf7517421cbede5.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/socialfeed/ 1 KB
771 B 53ms
49ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/socialfeed/clientlibs.min.10ba16241f3d21842bf7517421cbede5.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1bc221b0c9d4bbf6a567375e1d1af709cc368201e8a058bdfe4b2e3351aa392

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=1344
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:18:30 GMT
server: cloudflare
etag: W/"540-5f94c840056c2"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f68043668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.5ece5042d81f608e93412b5d9c8a9930.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/eventlist/ 3 KB
1 KB 55ms
52ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/eventlist/clientlibs.min.5ece5042d81f608e93412b5d9c8a9930.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5bced06b64e84e26609cf7116dbbc4bc23d73190254eef308d853cebca421f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=3577
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:18:30 GMT
server: cloudflare
etag: W/"df9-5f94c83fb4e61"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f68053668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.3934a0a6bc3330576c1715460bc42a72.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/homepagecarousel/ 748 B
422 B 54ms
50ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/homepagecarousel/clientlibs.min.3934a0a6bc3330576c1715460bc42a72.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5d9ef792760e1a8783ac37f63ac54c872b5f6442db688fc10d72c6cedbdb33

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1813986
cf-polished: origSize=749
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 06:26:40 GMT
server: cloudflare
etag: W/"2ed-5f931ceb7960b"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f68063668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/ 39 B
147 B 53ms
50ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6510832114ca770ccb972fab504bf2a7921b480c84c187c7bdb7afd5419473fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
content-length: 39
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:18:30 GMT
server: cloudflare
etag: "27-5f94c83fc67a1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c973f0f68083668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/banner/ 39 B
126 B 56ms
52ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/banner/clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6510832114ca770ccb972fab504bf2a7921b480c84c187c7bdb7afd5419473fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
content-length: 39
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:18:30 GMT
server: cloudflare
etag: "27-5f94c84001124"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c973f0f68093668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.274efecdf3dc6ea1b689e4b65773bfbb.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/articlefilterpane/ 7 KB
4 KB 58ms
55ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/articlefilterpane/clientlibs.min.274efecdf3dc6ea1b689e4b65773bfbb.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e58f5581d48f82e2c23dfccc6ec98ae5e938828aad350a95ca2fde4ef21442f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1955716
cf-polished: origSize=6838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 06:26:42 GMT
server: cloudflare
etag: W/"1ab6-5f931ced1dd1b"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f680a3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.bb7e9ec038b6480a27f813d69c048482.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/video/damvideo/ 716 B
2 KB 56ms
53ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/video/damvideo/clientlibs.min.bb7e9ec038b6480a27f813d69c048482.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16198d1021bf4d7086c0f2b729547bac8841af36a268389e7e62cc91889d72db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=717
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:18:31 GMT
server: cloudflare
etag: W/"2cd-5f94c84037b74"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f680b3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.a93f7e904673f385596510a3e318c968.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/sitesearch/searchfield/ 2 KB
1 KB 56ms
53ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/sitesearch/searchfield/clientlibs.min.a93f7e904673f385596510a3e318c968.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbe7baf7646acd378f4825ff2a8b2d311266b776b558ae48aad8686d551c4f41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=2306
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 18 Apr 2023 22:52:47 GMT
server: cloudflare
etag: W/"902-5f9a42a881dbc"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f680e3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/homepage/ 39 B
182 B 58ms
55ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/homepage/clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6510832114ca770ccb972fab504bf2a7921b480c84c187c7bdb7afd5419473fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 393633
content-length: 39
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:18:30 GMT
server: cloudflare
etag: "27-5f94c83fb69b9"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c973f0f68103668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 vendor-clientlibs.min.ca126e2aba102ba8986000ddc542d101.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/ 175 KB
48 KB 57ms
54ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/vendor-clientlibs.min.ca126e2aba102ba8986000ddc542d101.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16f855a5ab7e4ad8cd67441a819d1e5500a449f998664bc9fd84df93cf1e5ade

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1955715
cf-polished: origSize=179831
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 06:26:41 GMT
server: cloudflare
etag: W/"2be77-5f931cec59bef"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f68113668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.f0a50b248ef4c2b78abca86d10ed6b6f.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/tabs/v1/tabs/ 5 KB
2 KB 70ms
67ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/tabs/v1/tabs/clientlibs.min.f0a50b248ef4c2b78abca86d10ed6b6f.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

390fb19701464bb77e4e9e866226c6eb2b336c4b04274dc18e1303d82c326b94

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=4844
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 18 Apr 2023 22:52:45 GMT
server: cloudflare
etag: W/"12ec-5f9a42a6f59d2"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f68143668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 container.min.64e934d0a16266574945c8fb92e68316.js Show response
www.haleon.com/etc.clientlibs/core/wcm/components/commons/site/clientlibs/ 751 B
443 B 56ms
53ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/core/wcm/components/commons/site/clientlibs/container.min.64e934d0a16266574945c8fb92e68316.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80542c184a6e4b487b17ec632f90e7b4ba8a9a1e2fbeee0906aefd3f3e8ec03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=752
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Mon, 17 Apr 2023 03:16:48 GMT
server: cloudflare
etag: W/"2f0-5f97f9f0fd679"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f68183668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 site.min.aa46d38d774e0f8b6abfb1d1b236d489.js Show response
www.haleon.com/etc.clientlibs/core/wcm/components/carousel/v1/carousel/clientlibs/ 6 KB
2 KB 58ms
55ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/core/wcm/components/carousel/v1/carousel/clientlibs/site.min.aa46d38d774e0f8b6abfb1d1b236d489.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba044862704f1def24eece53c5aaf10e4d551f8326145609540db39427d036a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1950101
cf-polished: origSize=6390
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 06:26:40 GMT
server: cloudflare
etag: W/"18f6-5f931ceb8324b"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f681a3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 b.min.js Show response
unpkg.com/website-carbon-badges@1.1.3/ 2 KB
1 KB 141ms
79ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/website-carbon-badges@1.1.3/b.min.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93cb4279ebdd41fd5379a1506122b0abfabbbd98ca9be82410ed3d754231dcec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1785298
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GZ366A2YS0MKTY4RTHYWCK9A-fra
server: cloudflare
etag: W/"792-NRepadguwX6vXqMB5vpqAqsoUJA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7c973f10083a91ea-FRA

GET
H2 200 gtm.min.5faae227c57de25f4854b29539035da1.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/ 465 B
405 B 56ms
53ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/gtm.min.5faae227c57de25f4854b29539035da1.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55f42d45d026b0ad67c4c1b554c3948de5e1148f83e0fd06e3b939f73ee3ccb6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:18:31 GMT
server: cloudflare
etag: W/"1d1-5f94c840ad263"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f681c3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 frame-manager.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/vendor-clientlibs/resources/ 7 KB
3 KB 56ms
54ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/vendor-clientlibs/resources/frame-manager.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a94a75459450039b14608c58d1e0df9d59ae805b000024cb2085ac5f37e86e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1950926
cf-polished: origSize=7512
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 06:26:40 GMT
server: cloudflare
etag: W/"1d58-5f931ceb776ca"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f68203668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.bb70b6c986cacb6563f193629ee6c3db.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/ 23 KB
7 KB 60ms
58ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.bb70b6c986cacb6563f193629ee6c3db.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80e843b598ab506ad28a09570f26d822ac24b301165822aafede41917e2130fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=30789
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 09:56:36 GMT
server: cloudflare
etag: W/"7845-5f948db5cff06"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f68233668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 clientlibs.min.b360c08cfd76d5d067201f90b36dd805.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/container/v1/container/ 3 KB
1 KB 65ms
63ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/container/v1/container/clientlibs.min.b360c08cfd76d5d067201f90b36dd805.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b263f111980d7921ab0f719c39028f849c13ffffefa78044c5d12d2eee2f6561

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1954215
cf-polished: origSize=3307
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 06:26:40 GMT
server: cloudflare
etag: W/"ceb-5f931ceb74c40"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f68273668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 site.min.b06ae959f463530b64fc1fb044b0d743.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/image/clientlibs/ 9 KB
3 KB 65ms
62ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/image/clientlibs/site.min.b06ae959f463530b64fc1fb044b0d743.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

078f29b4065f50c14a2caefc646c6eddf0576df19ffd930123cc67899c5667f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=19825
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 14:18:30 GMT
server: cloudflare
etag: W/"4d71-5f94c83fc6306"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f68293668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/ 55 KB
18 KB 65ms
63ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94fbd6fa0d38828afa783ef7e3b7b134776b2bb662e0f9fad65700c3a811c34e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=56345
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 09:56:36 GMT
server: cloudflare
etag: W/"dc19-5f948db526bf7"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f682d3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 jquery.min.e8b3debede90df40df8881108ba067d8.js Show response
www.haleon.com/etc.clientlibs/clientlibs/granite/ 98 KB
35 KB 63ms
61ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery.min.e8b3debede90df40df8881108ba067d8.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8835afd713b55266f2ec5b39466379e7766bc72e3244a8e7b6a50e4a4848624e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=100794
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 23:42:35 GMT
server: cloudflare
etag: W/"189ba-5f95465475176"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f68313668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 csrf.min.652a558c3774088b61b0530c184710d1.js Show response
www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/ 4 KB
3 KB 64ms
62ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67ec7fadd41ba4613a2ab2f10c28429c60a54fec1780a1742c29a03f9dfd7b11

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 398704
cf-polished: origSize=3618
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 23:42:35 GMT
server: cloudflare
etag: W/"e22-5f9546547267d"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7c973f0f68333668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ Frame F3AE 87 KB
30 KB 76ms
20ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.tools.investis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-15d9d"
vary: Accept-Encoding
x-hw: 1684445898.dop109.am5.t,1684445898.cds296.am5.hn,1684445898.cds004.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H/1.1 200
OK WebResource.axd Show response
irs.tools.investis.com/Clients/ Frame F3AE 23 KB
5 KB 39ms
38ms Script
application/x-javascript 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/WebResource.axd?d=l5N7JybNhTLypzkQMlX1RrPYYa8-IfbiBWYX_dYWV_-vM6XOdd77mh2SHc-7kSraa555GZ-6dGUDwvcK0oYqjlubHjc1&t=637823365705833095

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Date: Thu, 18 May 2023 21:38:18 GMT
Last-Modified: Tue, 08 Mar 2022 11:42:50 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=78223
Connection: keep-alive
Content-Length: 4627
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 May 2023 19:22:01 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
irs.tools.investis.com/Clients/ Frame F3AE 100 KB
25 KB 75ms
74ms Script
application/x-javascript 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/ScriptResource.axd?d=phUDbPSTuDJhZPpKVPyUofwev3inlBV9AJTGAba8tTaFl-AqjaLWYLe8UT2gWqRF1g5xQV9wptY0aHDMZxEhioiUdRdSeQ4BqoFAOqq3HCKdP5AcHwRvJTrJWvm7kSUqsW7v5yf5yTprzV72r_i01wI0rF01&t=ffffffffaa493ab8

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Date: Thu, 18 May 2023 21:38:18 GMT
Last-Modified: Wed, 17 May 2023 06:39:23 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=32254
Connection: keep-alive
Content-Length: 25609
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 May 2023 06:35:52 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
irs.tools.investis.com/Clients/ Frame F3AE 39 KB
10 KB 75ms
35ms Script
application/x-javascript 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/ScriptResource.axd?d=FwYZ1XsKukon8O-wmMqiEW1BO-M_bBNvwFeKg9zmPSUio3tINVA5oz2-K4n8Yv6FsCAhGyNDdOuwu5M71wNzdfr5Uk8k9RFjsv6kd3t3-6R_F-6RCD-Hjl4oB6KAFlSW8NlAberr3rkLS_TwVZNhhPoRppWtzRDH6R5LvOmhuAIB_85w0&t=ffffffffaa493ab8

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Date: Thu, 18 May 2023 21:38:18 GMT
Last-Modified: Wed, 17 May 2023 09:06:19 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=36002
Connection: keep-alive
Content-Length: 9984
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 May 2023 07:38:20 GMT

GET
H/1.1 200
OK iframeResizer_child_v2.js Show response
irs.tools.investis.com/Clients/default/scripts/ Frame F3AE 6 KB
3 KB 83ms
39ms Script
application/javascript 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/default/scripts/iframeResizer_child_v2.js

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

01e31c5389626c8b4442dea473d9dc21c7b281ea552f75313f640789bf23299c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Date: Thu, 18 May 2023 21:38:18 GMT
Last-Modified: Thu, 18 Sep 2014 06:04:43 GMT
ETag: "808fa2706d3cf1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2859
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ Frame 2374 87 KB
30 KB 78ms
36ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.tools.investis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-15d9d"
vary: Accept-Encoding
x-hw: 1684445898.dop109.am5.t,1684445898.cds296.am5.hn,1684445898.cds004.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H/1.1 200
OK WebResource.axd Show response
irs.tools.investis.com/Clients/ Frame 2374 23 KB
5 KB 63ms
31ms Script
application/x-javascript 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/WebResource.axd?d=l5N7JybNhTLypzkQMlX1RrPYYa8-IfbiBWYX_dYWV_-vM6XOdd77mh2SHc-7kSraa555GZ-6dGUDwvcK0oYqjlubHjc1&t=637823365705833095

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Date: Thu, 18 May 2023 21:38:18 GMT
Last-Modified: Tue, 08 Mar 2022 11:42:50 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=78223
Connection: keep-alive
Content-Length: 4627
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 May 2023 19:22:01 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
irs.tools.investis.com/Clients/ Frame 2374 100 KB
25 KB 90ms
48ms Script
application/x-javascript 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Date: Thu, 18 May 2023 21:38:18 GMT
Last-Modified: Wed, 17 May 2023 06:39:23 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=32254
Connection: keep-alive
Content-Length: 25609
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 May 2023 06:35:52 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
irs.tools.investis.com/Clients/ Frame 2374 39 KB
10 KB 75ms
31ms Script
application/x-javascript 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Date: Thu, 18 May 2023 21:38:18 GMT
Last-Modified: Wed, 17 May 2023 09:06:19 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public, max-age=36002
Connection: keep-alive
Content-Length: 9984
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 May 2023 07:38:20 GMT

GET
H/1.1 200
OK iframeResizer_child_v2.js Show response
irs.tools.investis.com/Clients/default/scripts/ Frame 2374 6 KB
3 KB 115ms
51ms Script
application/javascript 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/default/scripts/iframeResizer_child_v2.js

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

01e31c5389626c8b4442dea473d9dc21c7b281ea552f75313f640789bf23299c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Date: Thu, 18 May 2023 21:38:18 GMT
Last-Modified: Thu, 18 Sep 2014 06:04:43 GMT
ETag: "808fa2706d3cf1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2859
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK NewHeroAccess-Medium.woff
irs.tools.investis.com/clients/uk/haleon_plc1/fonts/ Frame F3AE 91 KB
91 KB 46ms
46ms Font
font/x-woff 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/clients/uk/haleon_plc1/fonts/NewHeroAccess-Medium.woff

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

1e8fd8ddefcdceef8da0eaa61581e0f2a27792b3549adcb6cf8a8db59d3cc952

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
Origin: https://irs.tools.investis.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Date: Thu, 18 May 2023 21:38:18 GMT
Last-Modified: Thu, 09 Mar 2023 09:27:19 GMT
ETag: "f87e54586952d91:0"
Content-Type: font/x-woff
Cache-Control: max-age=15
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 92752
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK NewHeroAccess-Regular.woff
irs.tools.investis.com/clients/uk/haleon_plc1/fonts/ Frame F3AE 89 KB
90 KB 45ms
45ms Font
font/x-woff 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/clients/uk/haleon_plc1/fonts/NewHeroAccess-Regular.woff

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

f648b3d8294708a4d777f4596f336f639190b1ed7e5656a81d2f2bd9fc93f218

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
Origin: https://irs.tools.investis.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Date: Thu, 18 May 2023 21:38:18 GMT
Last-Modified: Thu, 09 Mar 2023 09:27:20 GMT
ETag: "6033fa586952d91:0"
Content-Type: font/x-woff
Cache-Control: max-age=15
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91576
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK NewHeroAccess-Medium.woff
irs.tools.investis.com/clients/uk/haleon_plc1/fonts/ Frame 2374 91 KB
91 KB 36ms
36ms Font
font/x-woff 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/clients/uk/haleon_plc1/fonts/NewHeroAccess-Medium.woff

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

1e8fd8ddefcdceef8da0eaa61581e0f2a27792b3549adcb6cf8a8db59d3cc952

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
Origin: https://irs.tools.investis.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Date: Thu, 18 May 2023 21:38:18 GMT
Last-Modified: Thu, 09 Mar 2023 09:27:19 GMT
ETag: "f87e54586952d91:0"
Content-Type: font/x-woff
Cache-Control: max-age=15
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 92752
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK NewHeroAccess-Regular.woff
irs.tools.investis.com/clients/uk/haleon_plc1/fonts/ Frame 2374 89 KB
90 KB 40ms
40ms Font
font/x-woff 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/clients/uk/haleon_plc1/fonts/NewHeroAccess-Regular.woff

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

f648b3d8294708a4d777f4596f336f639190b1ed7e5656a81d2f2bd9fc93f218

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
Origin: https://irs.tools.investis.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Date: Thu, 18 May 2023 21:38:18 GMT
Last-Modified: Thu, 09 Mar 2023 09:27:20 GMT
ETag: "6033fa586952d91:0"
Content-Type: font/x-woff
Cache-Control: max-age=15
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91576
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK down_new.png
irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/Images/ Frame F3AE 1 KB
2 KB 31ms
31ms Image
image/png 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/Images/down_new.png

Requested by

Host: irs.tools.investis.com
URL: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

e999f2fecc27404272c7e1ec2b22f5c31efa2c0dab92745b648922a45a67673a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Date: Thu, 18 May 2023 21:38:18 GMT
Last-Modified: Thu, 09 Mar 2023 09:27:23 GMT
ETag: "c969e5b6952d91:0"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1261
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK down_new.png
irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/Images/ Frame 2374 1 KB
2 KB 30ms
30ms Image
image/png 23.36.162.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/Images/down_new.png

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

e999f2fecc27404272c7e1ec2b22f5c31efa2c0dab92745b648922a45a67673a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15768000; includeSubDomains
Date: Thu, 18 May 2023 21:38:18 GMT
Last-Modified: Thu, 09 Mar 2023 09:27:23 GMT
ETag: "c969e5b6952d91:0"
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1261
X-XSS-Protection: 1; mode=block

GET
H2 200 token.json Show response
www.haleon.com/libs/granite/csrf/ 2 B
232 B 106ms
105ms XHR
application/json 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/libs/granite/csrf/token.json

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-length: 2
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json;charset=iso-8859-1
cache-control: no-cache
cf-ray: 7c973f11daaf3668-FRA
expires: -1

GET
H2 200 widget.js Show response
cdn.userway.org/ 1 KB
1 KB 112ms
31ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c9731d3ff3c624274aad4990f366252d7a320ffd1fbc58b6e9309ec2f8259c89

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 18 May 2023 21:38:18 GMT
via: 1.1 9f25aa45df27e50f380232059fde4c1a.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ZRH55-P1
age: 127
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 967
x-accel-date: 1684444931
x-77-nzt: AcO1qhH697D/xwMAAA
x-accel-expires: @1684448531
last-modified: Thu, 18 May 2023 13:09:51 GMT
server: CDN77-Turbo
etag: W/"76db1cbb690b8504320003d49c87efba"
x-77-nzt-ray: 4c1562240979b599ca9a6664d3857625
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: T6l1smxMOHZA2K727cEo09pVXaNh85iK-79mFlNlDlfUz45YE5Q93g==

GET
H2 200 sharefeed-lse.model.json Show response
www.haleon.com/content/experience-fragments/haleon/corporate/header/master/jcr:content/root/container_986302361/container_1170101225/container/ 149 B
320 B 82ms
81ms Fetch
application/json 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/experience-fragments/haleon/corporate/header/master/jcr:content/root/container_986302361/container_1170101225/container/sharefeed-lse.model.json

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae7c05be406c9fd5c9978d47a346835b44b6e4716fa26a60992bbb65b5890d5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-length: 149
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json;charset=utf-8
cache-control: must-revalidate,no-cache,no-store,no-transform,private,max-age=0
cf-ray: 7c973f11fad43668-FRA
expires: Thu, 01 Jan 1970 01:00:00 GMT

GET
H2 200 sharefeed-nyse.model.json Show response
www.haleon.com/content/experience-fragments/haleon/corporate/header/master/jcr:content/root/container_986302361/container_1170101225/container/ 147 B
232 B 106ms
106ms Fetch
application/json 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/experience-fragments/haleon/corporate/header/master/jcr:content/root/container_986302361/container_1170101225/container/sharefeed-nyse.model.json

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

188c1cc3f4e80c1896f49ab9a6b1e7b5b33494d03401edcebcaf8daf3afbf57a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-length: 147
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json;charset=utf-8
cache-control: must-revalidate,no-cache,no-store,no-transform,private,max-age=0
cf-ray: 7c973f11fad63668-FRA
expires: Thu, 01 Jan 1970 01:00:00 GMT

GET
H2 200 vector-grid.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 2 KB
2 KB 31ms
31ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/vector-grid.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7010ae5b97d40c090a0874cc907be6f4527bc91f073b186c85d567069a6b9a38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 320410
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Mon, 17 Apr 2023 08:54:03 GMT
server: cloudflare
etag: W/"86a-5f9845527d59d"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f120ae73668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 chevron-right-black.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 243 B
307 B 30ms
30ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/chevron-right-black.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5f819a3646ded3c72b22ed7e5786d106862362a080da10f2396c0a3fe96ef98

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.63fa72911726fc20078eba97ba8466cf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 398703
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 14 Apr 2023 14:18:37 GMT
server: cloudflare
etag: W/"f3-5f94c845f2929"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f120aeb3668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 224 KB
78 KB 99ms
46ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RBMJKH

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37a9093c377b0a66aba9bf0c3b90761becb943dc9e7a333bbc31d9c338544335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79521
x-xss-protection: 0
last-modified: Thu, 18 May 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 May 2023 21:38:18 GMT

GET
H2 200 b Show response
api.websitecarbon.com/ 62 B
616 B 195ms
130ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.websitecarbon.com/b?url=https%3A%2F%2Fwww.haleon.com%2F
Requested by: Host: unpkg.com
URL: https://unpkg.com/website-carbon-badges@1.1.3/b.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89b77da52d27ad988514f205cae84b19df0ea4a69825b21ec520fff24ca1b49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmcFd7WyjzUozr8EYGEa6S%2FdunRT9Kp3G5LDdPwYTL%2FXKSGTrb8njyypn4IO3TRaAN%2F62HQOw%2B1bo9AlXRkD8YxIIqQR%2Fw2ERW%2FlfXY6YcJ2RvNGHazWPIzT%2BxXc2E0Jh1j1F0iw3j1IWt%2FI4SAJlFLAA%2F8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json;charset=UTF-8
x-robots-tag: noindex
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 7c973f12cd383736-FRA

GET
H2 200 articlefilterpane.model.json Show response
www.haleon.com/content/haleon/corporate/en/index/jcr:content/root/responsivegrid/container/ 2 KB
874 B 133ms
132ms Fetch
application/json 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/haleon/corporate/en/index/jcr:content/root/responsivegrid/container/articlefilterpane.model.json?start=0&selectedYear=0

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d65b6a910914dd9c69724a29b58547122d54ceeab4b5c5aad8aae95d56b844af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: EXPIRED
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Thu, 18 May 2023 21:37:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: application/json;charset=utf-8
cache-control: public, max-age=30
cf-ray: 7c973f12ab813668-FRA
expires: Thu, 18 May 2023 21:38:48 GMT

GET
H2 200 atc.min.js Show response
cdn.addevent.com/libs/atc/1.6.1/ 32 KB
8 KB 101ms
21ms Script
application/javascript 18.66.112.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.addevent.com/libs/atc/1.6.1/atc.min.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-114.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7ac3e0475f250086b64cd8e92b65fe18dcfb680f15bbfa97dc828d7bc91dd917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 16:56:28 GMT
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P5
age: 16911
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 16 Nov 2022 22:51:47 GMT
server: AmazonS3
etag: W/"3069b5060dd3d9d781761cbea140fc15"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-amz-cf-id: hEcqX1RuEKrY5FUPx997CAKhb7-YmuSaKT-Jz6s6NjBSVpUa2K-JYw==

GET
H2 200 _jcr_content.socialfeed.data Show response
www.haleon.com/content/haleon/corporate/en/index/ 0
1 KB 132ms
131ms Fetch 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/haleon/corporate/en/index/_jcr_content.socialfeed.data

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
bsg-cdn: P
content-length: 0
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Wed, 19 Apr 2023 08:38:43 GMT
server: cloudflare
etag: "0-5f9ac5a02d3da"
x-frame-options: SAMEORIGIN
cache-control: max-age=900
accept-ranges: bytes
cf-ray: 7c973f12ab823668-FRA
expires: Thu, 18 May 2023 21:53:18 GMT

GET
H2 200 _jcr_content.youtubefeed.data Show response
www.haleon.com/content/haleon/corporate/en/index/ 2 KB
804 B 116ms
115ms Fetch
application/json 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/haleon/corporate/en/index/_jcr_content.youtubefeed.data

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84f17cf66752af3100642be872dba44f42024fee240f689d08664289720f4ffa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: gzip
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: application/json;charset=utf-8
cache-control: must-revalidate,no-cache,no-store,no-transform,private,max-age=0
cf-ray: 7c973f12ab833668-FRA
expires: Thu, 01 Jan 1970 01:00:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 204 rum Show response
www.haleon.com/cdn-cgi/ 0
147 B 26ms
25ms XHR
text/plain 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/cdn-cgi/rum?

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

CSRF-Token: undefined
Referer: https://www.haleon.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.haleon.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7c973f12bb913668-FRA

GET
H2 200 widget_app_base_1684415199146.js Show response
cdn.userway.org/widgetapp/2023-05-18/ 133 KB
39 KB 37ms
37ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-05-18/widget_app_base_1684415199146.js
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6d6febaf3dbd84c73c767ea5e0fa4a6bbb46fd9955250608f27fda2bfcd78476

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 18 May 2023 21:38:18 GMT
via: 1.1 fec5e83bcae9ab1295b776b3f64183d0.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ZRH55-P1
age: 59
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 29842
x-accel-date: 1684416056
x-77-nzt: AcO1qhFE1B3/knQAAA
x-accel-expires: @1710336056
last-modified: Thu, 18 May 2023 13:09:47 GMT
server: CDN77-Turbo
etag: W/"060072af45ecb6b2c1404d84c9d36baa"
x-77-nzt-ray: 4c1562240979b599ca9a66646fb27f28
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: DcZdZEm_Cd6pwZwATzrmGSg4-ab8GSgGcSlqPmEQ7ud0KARWvTkYrA==

POST
H2 200 XJzryPgNCX Show response
api.userway.org/api/tunings/ 2 KB
2 KB 811ms
168ms XHR
application/json 54.245.246.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/XJzryPgNCX
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.245.246.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-246-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: d022a49c44f4c04fd9d009056da79769411a0255c5ce7c1d7c59867e4f8e05a0

Request headers

Referer: https://www.haleon.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 18 May 2023 21:38:19 GMT
etag: W/"69f-TYNPjLZouHYU3eZPIWm+rQgNy/w"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usrd8c36cf8e70d4a7
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 1695
x-service-version: uw-pr

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 88ms
32ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter&family=Open+Sans:ital,wght@0,400;0,600;1,400&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5dae472b3438e8f0e99468fbacaf1cc23c1d6582abe7619f806d4f51a34eb693

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 May 2023 21:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 May 2023 21:08:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 May 2023 21:38:18 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 93ms
31ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RBMJKH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c756b0b024a435129eca9014e98cc955dd97481285d9191b8d6c0a5749982d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 May 2023 21:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JYwMFRCSwBZdNsd6Nb17qg==
age: 59255
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6766
x-ms-lease-status: unlocked
last-modified: Wed, 17 May 2023 06:33:39 GMT
server: cloudflare
etag: 0x8DB56A0A683D6FF
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: caa5472e-b01e-000b-7218-89c092000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c973f13da6418bf-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 115ms
40ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdbab421a66229fcaeb8d362f14cb6cf3cb32249af3593a397ee5723f3f91f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 18 May 2023 21:38:18 GMT

GET
H2 200 5%20Haleon%20and%20Microsoft%20Seeing%20AI%2010.jpg
www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/ 105 KB
106 KB 35ms
35ms Image
image/jpeg 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/5%20Haleon%20and%20Microsoft%20Seeing%20AI%2010.jpg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.c5c2ccb444f97d4fbdbb01c3a1889480.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

382df676d5087471e0aac0d73f8264b36074d17a3897f62f88bb62ca520e4f84

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 1955674
cf-polished: origSize=107862, status=webp_bigger
content-length: 107854
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Fri, 17 Mar 2023 11:22:13 GMT
server: cloudflare
etag: "1a556-5f716c9f5cd8e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c973f13dcc13668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 4%20Haleon%20joins%20zero100.jpg
www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/ 192 KB
192 KB 43ms
32ms Image
image/jpeg 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/4%20Haleon%20joins%20zero100.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cf969a8efc38b1113da52708b3b75f8ba99013291b43cf1d6c39f4d01f8dcdc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 2166681
cf-polished: origSize=196350, status=webp_bigger
content-length: 196342
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Fri, 17 Mar 2023 13:02:49 GMT
server: cloudflare
etag: "2fefe-5f71831bd30af"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c973f13fce23668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 6%20Longer%20healthier%20lives%20more%20likely%20in%20countries.jpg
www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/ 183 KB
184 KB 42ms
31ms Image
image/jpeg 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/6%20Longer%20healthier%20lives%20more%20likely%20in%20countries.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d77f856767d92434228b3cec1b6b04e2b75e99c7dc4833aad677c4cf6c3ea2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:18 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 2166681
cf-polished: origSize=187664, status=webp_bigger
content-length: 187656
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Fri, 17 Mar 2023 11:22:15 GMT
server: cloudflare
etag: "2dd10-5f716ca14d978"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c973f13fce33668-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 86714296-61df-485c-b4cf-db59eb2bc854.json Show response
cdn.cookielaw.org/consent/86714296-61df-485c-b4cf-db59eb2bc854/ 4 KB
2 KB 82ms
35ms XHR
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/86714296-61df-485c-b4cf-db59eb2bc854/86714296-61df-485c-b4cf-db59eb2bc854.json

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81396aff68099a30df2c9f2e991ae7de040c7ccca31cf166e413b936bebeb89f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 May 2023 21:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bpXEDkpfrN90cTe2Hzx1Cg==
age: 46772
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1697
x-ms-lease-status: unlocked
last-modified: Mon, 13 Feb 2023 16:04:57 GMT
server: cloudflare
etag: 0x8DB0DDC0D93FE1C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9bf47234-601e-0002-48e1-5ada1c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c973f146b399b40-FRA
expires: Fri, 19 May 2023 21:38:18 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/e50626d8/www-widgetapi.vflset/ 198 KB
62 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e50626d8/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b60d31e87f46e64be5c43997e8deda163ff9934c5a21d4f24381ad534459ca78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 18:07:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62719
x-xss-protection: 0
last-modified: Wed, 17 May 2023 00:19:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 May 2024 18:07:03 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 101ms
42ms XHR
application/json 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33110d24cbb506c398f40acebf7e9b4314b3644bda60332a7c993637c957bef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.haleon.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7c973f14fe2737fc-FRA
access-control-allow-headers: Content-Type

GET
H2 200 haleon-logo-white.svg
www.haleon.com/content/experience-fragments/haleon/corporate/header/master/_jcr_content/root/container/container_481579621/image.coreimg.svg/1678803006119/ 1 KB
2 KB 34ms
34ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/experience-fragments/haleon/corporate/header/master/_jcr_content/root/container/container_481579621/image.coreimg.svg/1678803006119/haleon-logo-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c8608382a2bf23d63e27c641b359c1852ccc3a10e9bc77b670dc1f61682f68e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:19 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 2137420
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 21 Mar 2023 11:54:35 GMT
server: cloudflare
etag: W/"573-5f767b5145ba1"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7c973f14cdf13668-FRA
expires: Fri, 19 May 2023 21:38:19 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202301.2.0/ 402 KB
96 KB 38ms
38ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fa90c9e195798597245f53e9dc98259304276626836677ffaf0f9fa18f9a189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 May 2023 21:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 0jjE9bRWjdK9YwiQScw/ZQ==
age: 677
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 98329
x-ms-lease-status: unlocked
last-modified: Fri, 17 Feb 2023 03:39:10 GMT
server: cloudflare
etag: 0x8DB1098882046FE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f4a7c09e-401e-00f0-5f32-790888000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c973f154c3e18bf-FRA

GET
H2 200 en-gb.json Show response
cdn.cookielaw.org/consent/86714296-61df-485c-b4cf-db59eb2bc854/47d87d9a-2b4c-45bf-a19e-8c6d0bb6d9c0/ 34 KB
10 KB 33ms
32ms Fetch
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/86714296-61df-485c-b4cf-db59eb2bc854/47d87d9a-2b4c-45bf-a19e-8c6d0bb6d9c0/en-gb.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27f85606511c216437ed08423eef32d48afdcbccf43f6803d812513f9b7c2ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 May 2023 21:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +7ZZiktTsEQEVSV6EI3t2A==
age: 62429
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 9992
x-ms-lease-status: unlocked
last-modified: Mon, 13 Feb 2023 16:05:00 GMT
server: cloudflare
etag: 0x8DB0DDC0F4404D6
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ec42d2f4-101e-0102-61e1-5a9c49000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c973f160cd99b40-FRA
expires: Fri, 19 May 2023 21:38:19 GMT

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/ 9 KB
3 KB 32ms
32ms Fetch
application/json 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4f86e9ccc5e942b4003bd9fed721d599fdeb7bcc1a2db63a95cba24de5f828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 May 2023 21:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3j6krUd8tta5DgtKf9NJpg==
age: 62429
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2639
x-ms-lease-status: unlocked
last-modified: Fri, 17 Feb 2023 03:39:04 GMT
server: cloudflare
etag: 0x8DB1098846D14B4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f796f8dd-001e-013f-72e1-5a296f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c973f165d1c9b40-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/v2/ 63 KB
12 KB 34ms
34ms Fetch
application/json 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

330a318c75af1ffc7ede4e88f68c4db19c25ae234cd4932ee8b5223876f16149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 May 2023 21:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: xU+Mf5Ypx1PXU5a5IAHoSg==
age: 50529
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12592
x-ms-lease-status: unlocked
last-modified: Fri, 17 Feb 2023 03:39:06 GMT
server: cloudflare
etag: 0x8DB1098855EF364
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 24265252-801e-016a-01e1-5ac218000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c973f165d1d9b40-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/ 21 KB
4 KB 52ms
52ms Fetch
text/css 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 May 2023 21:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
x-ms-lease-status: unlocked
last-modified: Fri, 17 Feb 2023 03:39:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: dc037c81-d01e-00ba-1646-6e38ef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c973f165d1e9b40-FRA

GET
H2 200 logo-haleon.svg
www.haleon.com/content/dam/cf-consumer-healthcare/bp-haleon/en_US/global/logo/ 0
111 B 31ms
30ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/cf-consumer-healthcare/bp-haleon/en_US/global/logo/logo-haleon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 21:38:19 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: *.linkedin.com *.userway.org https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 1953510
content-length: 0
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 21 Mar 2023 07:17:03 GMT
server: cloudflare
etag: "0-5f763d4911edb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7c973f16cfbe3668-FRA
expires: Fri, 19 May 2023 21:38:19 GMT

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
495 B 31ms
30ms Fetch
image/svg+xml 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 May 2023 21:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 62428
x-ms-lease-status: unlocked
last-modified: Wed, 17 May 2023 06:33:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: aaba64ed-901e-0053-4090-88c4e9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c973f16dd909b40-FRA

GET
H2 200 H_MasterLogo_Colour_POS_RGB.png
cdn.cookielaw.org/logos/9ff761e6-6f16-4e20-800d-92706b153697/a491b493-d0bc-4083-acf4-66d6d41b21d9/106ce14a-0504-4c7a-b522-a737945b0f6e/ 42 KB
42 KB 33ms
33ms Image
image/png 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/9ff761e6-6f16-4e20-800d-92706b153697/a491b493-d0bc-4083-acf4-66d6d41b21d9/106ce14a-0504-4c7a-b522-a737945b0f6e/H_MasterLogo_Colour_POS_RGB.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8be25d59bdcd4bd764cf192496bfebcd529b56767994aca8093717dc4b79e306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 May 2023 21:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: nNAGf+eQ9T8Sg4dRXg/voQ==
age: 18120
content-length: 42768
x-ms-lease-status: unlocked
last-modified: Wed, 18 May 2022 16:32:05 GMT
server: cloudflare
etag: 0x8DA38EBF1BB494C
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 2dcb739d-d01e-001b-50e1-5af674000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c973f16fe9718bf-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 38ms
38ms Image
image/svg+xml 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 May 2023 21:38:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 55608
x-ms-lease-status: unlocked
last-modified: Wed, 17 May 2023 06:33:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: acfdd212-301e-0178-1ce5-88f604000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c973f16fe9b18bf-FRA

GET
H2 200 en-GB.json Show response
cdn.userway.org/widgetapp/2023-05-18/locales/ 468 B
904 B 70ms
28ms XHR
application/json 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-05-18/locales/en-GB.json
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f50b9bf1a91f14edd5986100acdc7aa27b867f8b7539d11aac594c8469792b09

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 18 May 2023 21:38:19 GMT
via: 1.1 d75d7156b5e1833582c3070298720664.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ZRH55-P1
age: 66
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 29706
x-accel-date: 1684416193
x-77-nzt: AcO1qhGXLfD/CnQAAA
x-accel-expires: @1710336193
last-modified: Thu, 18 May 2023 13:09:46 GMT
server: CDN77-Turbo
etag: W/"ae2d00e3f5dbecf4eb4c641c591a6154"
x-77-nzt-ray: 4c1562248e9463aacb9a6664b7acda23
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: oUtSA7WdC_gCs4-EmKOi129rVJbt90WINaa8R3xfTM3LAnSoguDgRw==

GET
H2 200 remediation_1684415199146.js Show response
cdn.userway.org/widgetapp/2023-05-18/remediation/ 157 KB
43 KB 28ms
27ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-05-18/remediation/remediation_1684415199146.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-05-18/widget_app_base_1684415199146.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e51b6d84415700f15bea9fb16e8fd413da539f3517b636d4ad66f0581aa86d9b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 18 May 2023 21:38:20 GMT
via: 1.1 df9ce120cad525bdb160f75cd7b807c2.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ZRH55-P1
age: 116
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 29775
x-accel-date: 1684416125
x-77-nzt: AcO1qhF8rQf/T3QAAA
x-accel-expires: @1710336125
last-modified: Thu, 18 May 2023 13:09:47 GMT
server: CDN77-Turbo
etag: W/"621caf14e9b56ad7d227413ad6f58bd8"
x-77-nzt-ray: 4c1562240979b599cc9a6664a9006103
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: UPpDOql7rtc23t5d1-jF5yz9ZGIQpDBSLFdXYldmYElnvlqNxdJeTw==

GET
H2 200 AtZ92B862rDhUPzg.json Show response
cdn.userway.org/remediations/consolidated/1976382/ 161 KB
19 KB 31ms
31ms XHR
application/json 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/1976382/AtZ92B862rDhUPzg.json
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 893dc3ad9c6cd9a445e70f0dc04cd039a6d59b6290d215389e827a9c9b9f342f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 18 May 2023 21:38:20 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 3266
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 11685
x-accel-date: 1684434215
x-77-nzt: AcO1qhGWaPD/pS0AAA
x-accel-expires: @1715970215
last-modified: Thu, 18 May 2023 17:26:38 GMT
server: CDN77-Turbo
etag: W/"34066c5ecc752362251a69959919452a"
x-77-nzt-ray: 4c1562248e9463aacc9a6664a8b45a03
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: TfYNF6esB8dv6XwOSzZeGMjDf_O-bT-6obasMAJn8NKD7Yi-f_b8RA==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
1 KB 31ms
31ms Image
image/svg+xml 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 18 May 2023 21:38:20 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 75705
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 5990858
x-accel-date: 1678455042
x-77-nzt: AcO1qhGBXsj/ymlbAA
x-accel-expires: @1704375042
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray: 4c1562240979b599cc9a66643d1f6206
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: rjZO8sST0XpBi4ycFRrwM2T3T7ljdFgmWwoHRbeneJPxqhDuGwVyYA==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 32ms
31ms Image
image/svg+xml 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 18 May 2023 21:38:20 GMT
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 75705
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 5990858
x-accel-date: 1678455042
x-77-nzt: AcO1qhEsjab/ymlbAA
x-accel-expires: @1704375042
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 4c1562240979b599cc9a66641e556906
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: 0cZficq4ub7vCRum-wz3tAKsU-VoR2M1L7qtEmrcowJ_EQHlMrTI8g==

OPTIONS
H2 200 links
api.userway.org/api/br-links/v0/ Frame 0
0 168ms
168ms Preflight 54.245.246.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.245.246.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-246-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haleon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
date: Thu, 18 May 2023 21:38:21 GMT
x-service-version: apps-afedf709

GET
H2 200 nav_menu_helper1684415199146.js Show response
cdn.userway.org/widgetapp/2023-05-18/remediation/ 22 KB
6 KB 30ms
30ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-05-18/remediation/nav_menu_helper1684415199146.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-05-18/widget_app_base_1684415199146.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fedc9a5ed3d075f3a8a120ea6a4c67c0d605a864db0b91c808a4d66e3ab19a46

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.haleon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 18 May 2023 21:38:21 GMT
via: 1.1 fec5e83bcae9ab1295b776b3f64183d0.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: ZRH55-P1
age: 115
x-amz-server-side-encryption: AES256
x-cache: HIT
x-77-cache: HIT
x-age: 29774
x-accel-date: 1684416127
x-77-nzt: AcO1qhGJGeP/TnQAAA
x-accel-expires: @1710336127
last-modified: Thu, 18 May 2023 13:09:47 GMT
server: CDN77-Turbo
etag: W/"8ad50e8de84df6abb8cb9fc3765b5ba6"
x-77-nzt-ray: 4c1562240979b599cd9a66647ccaa807
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: -8uHxsgdHG4T9TNYVj3zuNMmEejtoLslPQwjaLkdTFN8Sq3G4AmA-g==

POST
H2 200 links Show response
api.userway.org/api/br-links/v0/ 182 B
522 B 169ms
169ms XHR
application/json 54.245.246.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.245.246.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-246-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: f4099a62cefa134397911d449acd9d4af84088ba0f716dda13999578713ca300

Request headers

Referer: https://www.haleon.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 May 2023 21:38:21 GMT
etag: W/"b6-Y5DbBwdZ2AE/UFtIKAoiudBRcQI"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 182
x-service-version: apps-afedf709

OPTIONS
H2 200 pdf-links
api.userway.org/api/br-links/v0/ Frame 0
0 176ms
175ms Preflight 54.245.246.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/pdf-links
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.245.246.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-246-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haleon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
date: Thu, 18 May 2023 21:38:21 GMT
x-service-version: apps-afedf709

POST
H2 200 pdf-links Show response
api.userway.org/api/br-links/v0/ 20 B
360 B 171ms
170ms XHR
application/json 54.245.246.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/pdf-links
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.245.246.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-245-246-59.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 61260bce94f129e8f85e6a5dcc4c4fb8bc1846bae8e5f8ae0484dd4e6fe5b71c

Request headers

Referer: https://www.haleon.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 May 2023 21:38:21 GMT
etag: W/"14-I+eLc34uO7lHPE89U9ERUA48pFo"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 20
x-service-version: apps-afedf709

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
irs.tools.investis.com/	1970-01-20 12:04:10	Name: AWSALBCORS Value: iLyWaAIeP2XXxTELjAaufHPnfhMEV3zshfqkVw4CSOoyqtk6N6PQj/MrJA9Ns2OD9mKBrj9gTlGY91GbVxmb3bE8T9Nlc9lmf8M6ffSmTR7MWBWLiI5kqawBJrxX
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: sBZOYMPFfTg
.youtube.com/	1970-01-20 16:13:17	Name: VISITOR_INFO1_LIVE Value: q3XNy_hSpK0
.haleon.com/	1970-01-20 20:39:41	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+May+18+2023+21%3A38%3A19+GMT%2B0000+(GMT)&version=202301.2.0&isIABGlobal=false&hosts=&consentId=b040e5c1-9c53-4344-9644-90946ec43105&interactionCount=0&landingPath=https%3A%2F%2Fwww.haleon.com%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.haleon.com/(Line 20) Message: <link rel=preload> has an unsupported `type` value

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' data: .linkedin.com .userway.org https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
api.websitecarbon.com
cdn.addevent.com
cdn.cookielaw.org
cdn.userway.org
code.jquery.com
fonts.googleapis.com
geolocation.onetrust.com
haleon.com
irs.tools.investis.com
static.cloudflareinsights.com
unpkg.com
www.googletagmanager.com
www.haleon.com
www.youtube.com
18.66.112.114
2001:4de0:ac18::1:a:1a
23.36.162.220
2606:4700:4400::ac40:9062
2606:4700::6810:3965
2606:4700::6810:7baf
2606:4700::6812:1256
2606:4700::6813:bc61
2a00:1450:4001:810::200a
2a00:1450:4001:828::2008
2a00:1450:4001:829::200e
2a02:6ea0:c700::19
2a06:98c1:3120::3
54.245.246.59
85.90.236.47
00d0bedd13ec03fef9edc37227bfbc71d664c5c211aaf40cac957ec13e1c16eb
01121bfad4c15fc0e8db695a9779024cf7755127c028f5c41439e3609d6a91ff
01e31c5389626c8b4442dea473d9dc21c7b281ea552f75313f640789bf23299c
035d882223386d31a5b48ae230cd3df1021fd24d44343f70a736a6a7bcdb4b88
03f9a9031521db22aa1520725af9a9b6b8bf84ac9e9caea649c4ab3fc6310dc6
078f29b4065f50c14a2caefc646c6eddf0576df19ffd930123cc67899c5667f4
0c756b0b024a435129eca9014e98cc955dd97481285d9191b8d6c0a5749982d1
0fa90c9e195798597245f53e9dc98259304276626836677ffaf0f9fa18f9a189
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
16198d1021bf4d7086c0f2b729547bac8841af36a268389e7e62cc91889d72db
16f855a5ab7e4ad8cd67441a819d1e5500a449f998664bc9fd84df93cf1e5ade
188c1cc3f4e80c1896f49ab9a6b1e7b5b33494d03401edcebcaf8daf3afbf57a
1c2865a2dbf377d9916f4e21de56f5e61c097336314eb307e413f8af88eb805f
1d384f7743cae8817db5da0fb9f5f9d8c5a5e55a731f2db982c3acec36a9d8b2
1d3922cdac3052d79c6f4762987bb29ebd1aa78e3a00e0449e594c7389406dd1
1d6f3e95d0bcf6423200dd54b96616aedc329a412bab352a0c281a9baa09247f
1e8fd8ddefcdceef8da0eaa61581e0f2a27792b3549adcb6cf8a8db59d3cc952
200f9498057b19d371e5bc177ed1e7efb4c830dca8c89b329054d89c4c305185
2194def6d1b74f802eb81667e6353c92bc6336244205dede786a4274ca53789b
21c730f18cca39f60a57bc1417e93673eb96203323c648a644251ebac4408c34
27f85606511c216437ed08423eef32d48afdcbccf43f6803d812513f9b7c2ccd
2879b4eed0880c86b3806361f6f904842f1eec330184dff28cfb894a63ed0477
2c5bced06b64e84e26609cf7116dbbc4bc23d73190254eef308d853cebca421f
330a318c75af1ffc7ede4e88f68c4db19c25ae234cd4932ee8b5223876f16149
33110d24cbb506c398f40acebf7e9b4314b3644bda60332a7c993637c957bef1
34a8d4f240f1b7a01d0472d5367e1bc57e17f70a12a91aae37dcac3b33b24732
37a9093c377b0a66aba9bf0c3b90761becb943dc9e7a333bbc31d9c338544335
382df676d5087471e0aac0d73f8264b36074d17a3897f62f88bb62ca520e4f84
390fb19701464bb77e4e9e866226c6eb2b336c4b04274dc18e1303d82c326b94
393383df7ab920859bf4fa3ea498379f91c71f5d609a47afb3a807373ae55f15
398720e3e7d4564d0daef4d432c932010b4e1ddf708f3443b6d5a365369a0db4
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3c4f86e9ccc5e942b4003bd9fed721d599fdeb7bcc1a2db63a95cba24de5f828
3c8608382a2bf23d63e27c641b359c1852ccc3a10e9bc77b670dc1f61682f68e
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4cf969a8efc38b1113da52708b3b75f8ba99013291b43cf1d6c39f4d01f8dcdc
4f7ca0c1323ebddec95121eeae89e118bfacec9cc6aa933846076affd7b4c577
55e2f5b2e1ab6c1d45745d9a99121b3d2b1e456eb5ab36895543e3f42665b1e9
55f42d45d026b0ad67c4c1b554c3948de5e1148f83e0fd06e3b939f73ee3ccb6
564050010ad631effd8d89ead0a2856754292964f3bd5ce28fddb428c8b73366
5688f846fd633221837db3a7eb942ffd99400a2b9217a9596e2709639b988551
5c34bd9f319c12b02336e55608d2b8eef829ed50801f77c8a349d31f5041b398
5dae472b3438e8f0e99468fbacaf1cc23c1d6582abe7619f806d4f51a34eb693
5dd0f3e033d80405477270245bb83a641baa1a81d708ac7c5e2bf0a3b576ca5e
5e021b59b27e1e081e5d25c2d614c05f9b4ce2a0edb84a23e98cf31b5e0436ee
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61260bce94f129e8f85e6a5dcc4c4fb8bc1846bae8e5f8ae0484dd4e6fe5b71c
620c34f9406063da6d8f8c2b6ae2e0858b409420022ba642fb0f48a31221e781
6510832114ca770ccb972fab504bf2a7921b480c84c187c7bdb7afd5419473fc
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
67ec7fadd41ba4613a2ab2f10c28429c60a54fec1780a1742c29a03f9dfd7b11
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
695d8c36bd002e5695760f3633502344f785f3fbdbc8454d858fd2e197e0efc5
6d6febaf3dbd84c73c767ea5e0fa4a6bbb46fd9955250608f27fda2bfcd78476
6d77f856767d92434228b3cec1b6b04e2b75e99c7dc4833aad677c4cf6c3ea2c
6e58f5581d48f82e2c23dfccc6ec98ae5e938828aad350a95ca2fde4ef21442f
6ecae12ea823621b56a17fe50671c924076305b61d18e08514a18898cec86d05
6ee2551e31093d7ba5015d5f4ee7247ec8f82d40e3fc83e8bf30384c55706141
7010ae5b97d40c090a0874cc907be6f4527bc91f073b186c85d567069a6b9a38
72b9760e75abde5f4ac7f7879ddcffb9d4eda4ba310147588c007f2bf1b0b701
745b2fc2bb216a82145cd6c35e63410fc0634e7e65fa50485a851c43e6789978
7a94a75459450039b14608c58d1e0df9d59ae805b000024cb2085ac5f37e86e9
7ac3e0475f250086b64cd8e92b65fe18dcfb680f15bbfa97dc828d7bc91dd917
7b4673602d2d5d718b1ebbcd2e49f1028661f5e6f2f462aa1a4da27f4d10e493
7bf9acb0de9cb27fe4c9fc53b2e92eb344ab66bc2573827d439e0608f3a9cadc
7d5832709c9d15ebe8c7636536717655053bdf5c9b066b9ff5819d8c5a6803b1
80e843b598ab506ad28a09570f26d822ac24b301165822aafede41917e2130fc
81396aff68099a30df2c9f2e991ae7de040c7ccca31cf166e413b936bebeb89f
81b4a2adfc76117d0256043a62c129bdfefe4b3e34a6ed2de57bb1ce6256bd9a
84f17cf66752af3100642be872dba44f42024fee240f689d08664289720f4ffa
8835afd713b55266f2ec5b39466379e7766bc72e3244a8e7b6a50e4a4848624e
893dc3ad9c6cd9a445e70f0dc04cd039a6d59b6290d215389e827a9c9b9f342f
8be25d59bdcd4bd764cf192496bfebcd529b56767994aca8093717dc4b79e306
8c9dccb4b346171249ab7713c475e99dba8b2a662f6318dfc6a1baa8ab8deeda
8d9539d3349e684f8e47a24d224f9f669ec1da14ad76f9707562b8c84d341770
8ed5f5ca449bc01efd1589117449e19faa028d4e9db97137834384003a55c12e
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
93cb4279ebdd41fd5379a1506122b0abfabbbd98ca9be82410ed3d754231dcec
94fbd6fa0d38828afa783ef7e3b7b134776b2bb662e0f9fad65700c3a811c34e
97ffbd4d3e1e06635d9f6a34f3be4415629561f9814f962660d09820ae43b55d
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
9987f99bfa55d6d51302d96e85f37a37c2ab7ba366fbb509485dc11c68c98e78
a2e74960a8a898f89f24941c026b6287a467658c5b4da39b59247020336c1a07
a89b77da52d27ad988514f205cae84b19df0ea4a69825b21ec520fff24ca1b49
a8cd6b278a09b126e1c5a5da368c0c97138484f3663ed0582c95670ea6fe6826
ae7c05be406c9fd5c9978d47a346835b44b6e4716fa26a60992bbb65b5890d5d
b1bc221b0c9d4bbf6a567375e1d1af709cc368201e8a058bdfe4b2e3351aa392
b263f111980d7921ab0f719c39028f849c13ffffefa78044c5d12d2eee2f6561
b44f42d94dd7530765f21f5b9fd7e853ce19755f00ff5f1f53644a3098d3755d
b56b79f8811aa833678c36f8c604be4bcce447ffde377b1faf4c311eb55154e0
b5f819a3646ded3c72b22ed7e5786d106862362a080da10f2396c0a3fe96ef98
b60d31e87f46e64be5c43997e8deda163ff9934c5a21d4f24381ad534459ca78
b75c3954d032885ad697300a73e46e5f48c1e0d772f12ffd1ae339abbc6fa92e
ba044862704f1def24eece53c5aaf10e4d551f8326145609540db39427d036a5
bdbab421a66229fcaeb8d362f14cb6cf3cb32249af3593a397ee5723f3f91f90
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c80f3db5489eadbd2d3a4b8cf98978aff1b90db06ef23008241edaa559c86786
c9731d3ff3c624274aad4990f366252d7a320ffd1fbc58b6e9309ec2f8259c89
cbe7baf7646acd378f4825ff2a8b2d311266b776b558ae48aad8686d551c4f41
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d022a49c44f4c04fd9d009056da79769411a0255c5ce7c1d7c59867e4f8e05a0
d4763209eb337b9e86a4226963cd91e9c9716c4a7acf8c1beab49a316bd8a73d
d65b6a910914dd9c69724a29b58547122d54ceeab4b5c5aad8aae95d56b844af
dcc9866372cf9a1322d0d62a36e81b1a7222afa4042ecd7d07fbd19fd9afcd76
de5d9ef792760e1a8783ac37f63ac54c872b5f6442db688fc10d72c6cedbdb33
dfe8046682d27741eccd1f94e78c0865d67573bf647e53226bdd344058130006
e147ca0efc3c14a9e0bf601fee78dd84b18c86db73a33817e38c1d07bfe9b897
e16402cfb85a3d41688fa6d288b283bccba48986fd8354e0bf9abd4b7ebec385
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51b6d84415700f15bea9fb16e8fd413da539f3517b636d4ad66f0581aa86d9b
e60e49d3328e106e0df7b7aa5eb36b88b777a29c8bcea6627d1bb8d795c5bfa3
e80542c184a6e4b487b17ec632f90e7b4ba8a9a1e2fbeee0906aefd3f3e8ec03
e999f2fecc27404272c7e1ec2b22f5c31efa2c0dab92745b648922a45a67673a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4099a62cefa134397911d449acd9d4af84088ba0f716dda13999578713ca300
f50b9bf1a91f14edd5986100acdc7aa27b867f8b7539d11aac594c8469792b09
f648b3d8294708a4d777f4596f336f639190b1ed7e5656a81d2f2bd9fc93f218
fedc9a5ed3d075f3a8a120ea6a4c67c0d605a864db0b91c808a4d66e3ab19a46
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.haleon.com Open in urlscan Pro 2606:4700::6812:1256 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

135 Requests

100 %HTTPS

73 %IPv6

13 Domains

15 Subdomains

15 IPs

4 Countries

7733 kBTransfer

9988 kBSize

4 Cookies

23 Outgoing links

Page URL History

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.haleon.com Open in urlscan Pro
2606:4700::6812:1256 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

100 %
HTTPS

73 %
IPv6

13
Domains

15
Subdomains

15
IPs

4
Countries

7733 kB
Transfer

9988 kB
Size

4
Cookies

135 HTTP transactions
1 data transactions