urlscan.io logo urlscan.io
SecurityTrails logo

www.boots-uk.com Open in urlscan Pro
46.17.90.198  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://boots-uk.com/
Effective URL: https://www.boots-uk.com/
Submission Tags: tranco_l324
Submission: On April 16 via api from DE — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 7 domains to perform 54 HTTP transactions. The main IP is 46.17.90.198, located in United Kingdom and belongs to CWCS-PS CompuWeb Communications Services Ltd, GB. The main domain is www.boots-uk.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 7th 2023. Valid for: a year.
This is the only time www.boots-uk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 39 46.17.90.198 15510 (CWCS-PS C...)
1 104.18.10.207 13335 (CLOUDFLAR...)
3 2a03:2880:f08... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:2800:234... 15133 (EDGECAST)
2 2001:4860:480... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 142.250.184.232 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 104.244.42.136 13414 (TWITTER)
54 10
39    46.17.90.198 (United Kingdom)

ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB)
boots-uk.com
www.boots-uk.com
1    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net
www.googletagmanager.com
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
Apex Domain
Subdomains		 Transfer
39 boots-uk.com
boots-uk.com
www.boots-uk.com
2 MB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
region1.google-analytics.com — Cisco Umbrella Rank: 2548
21 KB
4 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1349
syndication.twitter.com — Cisco Umbrella Rank: 1755
31 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
264 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
90 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1153
7 KB
54 7
Domain Requested by
38 www.boots-uk.com www.boots-uk.com
3 platform.twitter.com www.boots-uk.com
platform.twitter.com
3 www.googletagmanager.com www.boots-uk.com
www.googletagmanager.com
www.google-analytics.com
3 connect.facebook.net www.boots-uk.com
connect.facebook.net
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 syndication.twitter.com platform.twitter.com
1 www.facebook.com connect.facebook.net
1 maxcdn.bootstrapcdn.com www.boots-uk.com
1 boots-uk.com 1 redirects
54 10
Subject Issuer Validity Valid
www.boots-uk.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-07 -
2024-11-06		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-24 -
2024-04-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
syndication.twitter.com
R3		 2024-04-07 -
2024-07-06		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.boots-uk.com/
Frame ID: 67DB8F33A63074CB81F5CD81D422506C
Requests: 51 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.boots-uk.com
Frame ID: 2403CDA2DA771342DF26995EA88580D4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df82ba81e2f34466f7%26domain%3Dwww.boots-uk.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.boots-uk.com%252Fffd5a622d51df5610%26relation%3Dparent.parent&container_width=310&height=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FBootsUK&locale=en_GB&sdk=joey&show_facepile=false&show_posts=true&small_header=true&width=500
Frame ID: 9DE6C90370A175D336D586281E6604B2
Requests: 1 HTTP requests in this frame

Frame: https://syndication.twitter.com/srv/timeline-profile/screen-name/BootsUKNews?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=285px&origin=https%3A%2F%2Fwww.boots-uk.com%2F&sessionId=abeb12afecf2faa16d3412259070a31fc4842f5c&showHeader=true&showReplies=false&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716
Frame ID: 0FD956122E680EC98E2C459262CC97AD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Boots UK - Welcome to Boots UK

Page URL History Show full URLs

  1. http://boots-uk.com/ HTTP 307
    https://boots-uk.com/ HTTP 307
    http://boots-uk.com/ HTTP 301
    https://www.boots-uk.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

100 %
HTTPS

60 %
IPv6

7
Domains

10
Subdomains

10
IPs

4
Countries

2534 kB
Transfer

3978 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://boots-uk.com/ HTTP 307
    https://boots-uk.com/ HTTP 307
    http://boots-uk.com/ HTTP 301
    https://www.boots-uk.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.boots-uk.com/
Redirect Chain
  • http://boots-uk.com/
  • https://boots-uk.com/
  • http://boots-uk.com/
  • https://www.boots-uk.com/
27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
d50493fed6e64858df87b2da5e0f6d0516b4f57502710931a94b429d0f7bae0a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN SAMEORIGIN

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Content-Type
text/html; charset=utf-8
Date
Tue, 16 Apr 2024 04:32:21 GMT
Pragma
no-cache
Server
Microsoft-IIS/8.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN SAMEORIGIN

Redirect headers

Content-Length
148
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Content-Type
text/html; charset=UTF-8
Date
Tue, 16 Apr 2024 04:32:21 GMT
Location
https://www.boots-uk.com/
Server
Microsoft-IIS/8.0
X-Frame-Options
SAMEORIGIN
default.css
www.boots-uk.com/css/ 		23 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/css/default.css
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
319d16d607719a7606e3a0b6012c40f2c338aa5c1b840d635b7985e1c08b225f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Content-Encoding
gzip
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de094149a9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Accept-Ranges
bytes
styles2.css
www.boots-uk.com/css/ 		124 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/css/styles2.css
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
dc737484823bc3c8e356b453b3ab42f8bfef39905c5683732e7077325682c848
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Content-Encoding
gzip
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de0940e3f1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Accept-Ranges
bytes
fonts.css
www.boots-uk.com/css/fonts/ 		777 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/css/fonts/fonts.css
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
006eb9398012d9a55ffb955c93818b61169863acf834edb49849d43cc5bd6e88
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Content-Encoding
gzip
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de09411189"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Accept-Ranges
bytes
reveal.css
www.boots-uk.com/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/css/reveal.css
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
c9443256ff9f342a82ded47a767155481b73a47cfea157824b15c680db1dcc2e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Content-Encoding
gzip
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de094117b1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Accept-Ranges
bytes
jquery.modal.min.css
www.boots-uk.com/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/css/jquery.modal.min.css
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Content-Encoding
gzip
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de09411e04"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Accept-Ranges
bytes
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:32:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1187
age
2164137
cdn-cachedat
11/26/2023 18:55:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"4fbd15cb6047af93373f4f895639c8bf"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f72c912a91eac1cb82014249d0b7d811
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
8751738dbb1c9544-LHR
cdn-requestpullsuccess
True
jquery-js-bundle.js.v638488387400000000
www.boots-uk.com/sb/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/sb/jquery-js-bundle.js.v638488387400000000
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
591a4abf4e846636bed19461f887262ec0732ae6228a669f89d5c3411d8cabff
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Content-Encoding
gzip
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 16 Apr 2024 04:32:21 GMT
Server
Microsoft-IIS/8.0
ETag
"2681e4c7"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, max-age=864000, s-maxage=864000
Content-Length
31336
Expires
Fri, 26 Apr 2024 04:32:21 GMT
jqueryui-js-bundle.js.v638488387400000000
www.boots-uk.com/sb/ 		529 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/sb/jqueryui-js-bundle.js.v638488387400000000
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
5b444e6f3835d576af67157dbdf4dc3188f19d6d419516b41bbefae06d11ac73
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Content-Encoding
gzip
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 16 Apr 2024 04:32:21 GMT
Server
Microsoft-IIS/8.0
ETag
"5f4fd5fd"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, max-age=864000, s-maxage=864000
Content-Length
126946
Expires
Fri, 26 Apr 2024 04:32:21 GMT
jquery-unobstrusive-ajax-js-bundle.js.v638488387400000000
www.boots-uk.com/sb/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/sb/jquery-unobstrusive-ajax-js-bundle.js.v638488387400000000
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
1ae8e559f929479c73865aefcbfde58e45448c4bd3d5f182bd437f12fb053c57
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Content-Encoding
gzip
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 16 Apr 2024 04:32:21 GMT
Server
Microsoft-IIS/8.0
ETag
"d3cd96b3"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, max-age=864000, s-maxage=864000
Content-Length
2456
Expires
Fri, 26 Apr 2024 04:32:21 GMT
jquery.modal.min.js
www.boots-uk.com/scripts/plugins/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/scripts/plugins/jquery.modal.min.js
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
d38637cf78a1acd29994d78937051f0c73eea776725f327673cb9dc213bcd320
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Content-Encoding
gzip
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de094101dd"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Accept-Ranges
bytes
sdk.js
connect.facebook.net/en_GB/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c72f397ba425f076c186fa90867397bfb96cb15aa8029fd77c14c36257ad36d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Origin
https://www.boots-uk.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 Apr 2024 04:32:25 GMT
content-md5
ucP2ufqljNsPvEk4IksGgg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=12, mss=1294, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
pHvodYWu15HQwGCRVhsTrqn7v/xBW2f1+OTLTuOg7Opj6PpY11u8bKPd1W+foX8qfpjYyzW9TuFn+XvwruXX/w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
6931cec641e991779a9caed3b33c72f0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"6d44b1bf9bcde174706510eca9ce1941"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 16 Apr 2024 04:41:22 GMT
3_bootsuk_1248x650_3.jpg
www.boots-uk.com/media/4788/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/media/4788/3_bootsuk_1248x650_3.jpg?width=1400&height=480&bgcolor=ffffff&rnd=132399679368470000
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
5af3264d7da92824ad12bc23cda51d4d3005976afcffbaf681eeb2405dd35339
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 14:10:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da64068c770567"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Accept-Ranges
bytes
Content-Length
89063
menopause-friendly-products-image-s.jpg
www.boots-uk.com/media/5934/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/media/5934/menopause-friendly-products-image-s.jpg?width=1400&height=480&bgcolor=ffffff&rnd=133089224942470000
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
b983f2d2e901b32d6d654be3d258a572586f05252f3960f38b30f78b41255b0a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 14:10:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da64068c74702b"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Accept-Ranges
bytes
Content-Length
143019
no7.jpg
www.boots-uk.com/media/2288/ 		128 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/media/2288/no7.jpg?width=1400&height=480&bgcolor=ffffff&rnd=130772115954470000
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
b39d9296f3651b358d8596b5974fb95702be6b7dcbc49cecd97b59339d8a5c92
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 14:10:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da64068c77a1b6"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Accept-Ranges
bytes
Content-Length
130870
bmip-pharmacist.png
www.boots-uk.com/media/5373/ 		956 KB
957 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/media/5373/bmip-pharmacist.png?width=1400&height=480&bgcolor=ffffff&rnd=132871534435030000
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
93e97a452cb52d9a226fbfeb89ee75c994fdee651f77f835c3e6d812738540f2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 14:10:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da64068c78b1f6"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, max-age=604800, immutable
Accept-Ranges
bytes
Content-Length
978806
jquery.reveal.js
www.boots-uk.com/scripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/scripts/jquery.reveal.js
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
aae9f0fd9151c2d9f38dda1a013b5a15836472c14b170d17f83499ed886d0510
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Content-Encoding
gzip
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de09410594"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Accept-Ranges
bytes
site-js-bundle.js.v638488387400000000
www.boots-uk.com/sb/ 		58 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/sb/site-js-bundle.js.v638488387400000000
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
969c5e9cdc4c854e597af31760c99e946d5ab27a66919027cec812315b0b527e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Content-Encoding
gzip
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 16 Apr 2024 04:32:21 GMT
Server
Microsoft-IIS/8.0
ETag
"97acaeb7"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, max-age=864000, s-maxage=864000
Content-Length
11740
Expires
Fri, 26 Apr 2024 04:32:21 GMT
youtube.js
www.boots-uk.com/scripts/ 		419 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/scripts/youtube.js
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
97c06cbf85ac29b72df1d2a4b22a2abe3a93f27dd69f09f87133874ba34dfb0f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Content-Encoding
gzip
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de09411323"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Accept-Ranges
bytes
twitterFooterCookieNotification.js
www.boots-uk.com/scripts/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/scripts/twitterFooterCookieNotification.js
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
0e7444957209bbd943bf29b45c0dbf3c44e492e1bfdcb0ae2c99f3ec5bbfd778
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Content-Encoding
gzip
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Thu, 22 Feb 2024 10:10:34 GMT
Server
Microsoft-IIS/8.0
ETag
"1da65775f959a0b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Accept-Ranges
bytes
gtm.js
www.googletagmanager.com/ 		217 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LTWRKF
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b3763d3fa490edd1822cc2ab3b396bf81e76e18eb6b8a40732da0f34292f69b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:32:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78888
x-xss-protection
0
last-modified
Tue, 16 Apr 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Apr 2024 04:32:25 GMT
sdk.js
connect.facebook.net/en_GB/ 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c72f397ba425f076c186fa90867397bfb96cb15aa8029fd77c14c36257ad36d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ucP2ufqljNsPvEk4IksGgg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=12, mss=1294, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
pHvodYWu15HQwGCRVhsTrqn7v/xBW2f1+OTLTuOg7Opj6PpY11u8bKPd1W+foX8qfpjYyzW9TuFn+XvwruXX/w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
6931cec641e991779a9caed3b33c72f0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"6d44b1bf9bcde174706510eca9ce1941"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 16 Apr 2024 04:41:22 GMT
Boots_logo.svg
www.boots-uk.com/css/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/css/images/Boots_logo.svg
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/css/styles2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
ce35823baeedf5714f8dc9c3c55d93e713239e7e69797448289403a936c1859c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/css/styles2.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de09411db9"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
3897
search-solid.svg
www.boots-uk.com/css/images/ 		833 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/css/images/search-solid.svg
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/css/styles2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
f4bb3ebd82b9c2d1182b7fd327e5495e2b3fee4083e4f8c046d3688cf0edf632
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/css/styles2.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de094111c1"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
833
chevron-left-solid.svg
www.boots-uk.com/css/images/ 		482 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/css/images/chevron-left-solid.svg
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/css/styles2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
5399d593d92642f8ef2b20ab26cdd615a70d2ecf029d5c52a1fc8b3813cf29e8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/css/styles2.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de09411362"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
482
chevron-right-solid.svg
www.boots-uk.com/css/images/ 		527 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/css/images/chevron-right-solid.svg
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/css/styles2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
c4b25cd117c2010382d4d9bf2867f9644aff5058da3650ede80797a5565de549
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/css/styles2.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de0941108f"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
527
quotes.svg
www.boots-uk.com/css/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/css/images/quotes.svg
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/css/styles2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
8ee32c22686eaf65cfd3ddf05cb8d7347599c7b16a0a3f00add8ed93f58083ca
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/css/styles2.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de09411644"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1220
pm-in-horsham-4.jpg
www.boots-uk.com/media/lghhb4cm/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/media/lghhb4cm/pm-in-horsham-4.jpg?width=449&height=450&bgcolor=ffffff&rnd=133572281662630000
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
e8c12f47472f23ac94b35cc22da006a9fb4212be38fd7248d8570597b587f2d6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Wed, 10 Apr 2024 12:12:07 GMT
Server
Microsoft-IIS/8.0
ETag
"1da8b404e601234"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Accept-Ranges
bytes
Content-Length
71604
shot_05_gb_no7_local_future_renew_02241926_main_crop.jpg
www.boots-uk.com/media/qmihfixo/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/media/qmihfixo/shot_05_gb_no7_local_future_renew_02241926_main_crop.jpg?width=449&height=450&bgcolor=ffffff&rnd=133571437934730000
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
e286429ee965b373617374b3638314911301951fc7c43b927d00e6825709282d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 09 Apr 2024 12:47:21 GMT
Server
Microsoft-IIS/8.0
ETag
"1da8a7c10033d14"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Accept-Ranges
bytes
Content-Length
77716
boots-beauty-at-battersea.jpg
www.boots-uk.com/media/clnfgqbv/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/media/clnfgqbv/boots-beauty-at-battersea.jpg?width=449&height=450&bgcolor=ffffff&rnd=133561010657100000
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
07e4b753a0e57bbb9d557c3f3a543194e9e8600582669da605ab927f022de51f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Thu, 28 Mar 2024 12:05:33 GMT
Server
Microsoft-IIS/8.0
ETag
"1da81083c2b621a"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Accept-Ranges
bytes
Content-Length
116378
5.jpg
www.boots-uk.com/media/4791/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/media/4791/5.jpg?width=449&height=450&bgcolor=ffffff&rnd=132399679403700000
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
b40b94bcb19d41eee094c2f4c32ef7420b88d621d4646e57c7870da2b8e4387c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 14:10:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da64068c774cb5"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Accept-Ranges
bytes
Content-Length
70197
8.jpg
www.boots-uk.com/media/4793/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/media/4793/8.jpg?width=449&height=450&bgcolor=ffffff&rnd=132399679433970000
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
3ba8bbdae55aaa2691adfcfb7d0c2dfb2028f1a87111573fa99e26858bfba7df
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:22 GMT
Last-Modified
Tue, 20 Feb 2024 14:10:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da64068c76a25e"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Accept-Ranges
bytes
Content-Length
64734
4_1906_coventgarden-2623.jpg
www.boots-uk.com/media/4789/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/media/4789/4_1906_coventgarden-2623.jpg?width=449&height=450&bgcolor=ffffff&rnd=132399679394830000
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
a324ab3e0e630adf7f92846e730a0206d83bd8c9215172ce45fd1fb1c5afc404
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:22 GMT
Last-Modified
Tue, 20 Feb 2024 14:10:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da64068c775daf"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=604800, immutable
Accept-Ranges
bytes
Content-Length
66351
pointerleft.png
www.boots-uk.com/css/images/ 		592 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/css/images/pointerleft.png
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/css/default.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
59245b13d40cf6a096ae9cbb61aeecf35edc54a664f9ec16fbea6be45d60876d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/css/default.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:22 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de094110d0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
592
pointer.png
www.boots-uk.com/css/images/ 		589 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/css/images/pointer.png
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/css/styles2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
43716ee529ab17ea5c774e1984c3318c7566ac74be142df70a1acea7c5af5d34
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/css/styles2.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:22 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de094110cd"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
589
walgreens-boots-alliance.png
www.boots-uk.com/css/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/css/images/walgreens-boots-alliance.png
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/css/styles2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
38b3a4f2d5897185b67d228d13e7ef7c4e4d127b2b22e4c2dd0ba4a4bab8302d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/css/styles2.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:22 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de09413d1d"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
12189
facebook-f-brands.svg
www.boots-uk.com/css/images/ 		626 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/css/images/facebook-f-brands.svg
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/css/styles2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
e80cffc53b779bd8be53e2d79738bbe0ff413ef33bb88d3c0f1974337c2ff048
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/css/styles2.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:22 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de094110f2"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
626
youtube-brands.svg
www.boots-uk.com/css/images/ 		847 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/css/images/youtube-brands.svg
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/css/styles2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
117befffd8059d90ae01eea589c40c2cdc0a0ce5ef73d8c50bf4c79dbc211ced
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/css/styles2.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:22 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de094111cf"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
847
twitter-brands.svg
www.boots-uk.com/css/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.boots-uk.com/css/images/twitter-brands.svg
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/css/styles2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
29af21c9adc32e60b6478f241a57edb28459c133d517512d161e9c552e16e741
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/css/styles2.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:22 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de094116a9"
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1065
bootssharp-regular-webfont.woff2
www.boots-uk.com/css/fonts/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/css/fonts/bootssharp-regular-webfont.woff2
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/css/styles2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
b869f2ac979a87de91fae69f5d05241af039d8a2e176e09cde13c66a339f892f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/css/styles2.css
Origin
https://www.boots-uk.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de094165d0"
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Accept-Ranges
bytes
Content-Length
30544
bootssharp-bold-webfont.woff2
www.boots-uk.com/css/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/css/fonts/bootssharp-bold-webfont.woff2
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/css/styles2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
057c557650e5d56ed0bbc0e3d235ef6718043d2ce2b521e9fb62b5677eb4903f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/css/styles2.css
Origin
https://www.boots-uk.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:21 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de09414a34"
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Accept-Ranges
bytes
Content-Length
22708
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.boots-uk.com
URL: https://www.boots-uk.com/sb/jquery-js-bundle.js.v638488387400000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA4) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 16 Apr 2024 04:32:25 GMT
Content-Encoding
gzip
Age
493
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (amb/6BA4)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
sdk.js
connect.facebook.net/en_GB/ 		303 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js?hash=b1b1faf29bdbae7bd921fc15a31dafdb
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3776d8a28cfbd400fe432b444297eaf2470f9e57cceae163a3f6cf080371fb31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Origin
https://www.boots-uk.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 Apr 2024 04:32:25 GMT
content-md5
uPP9pfK4qLDDTN47Z57ptA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88712
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=20, mss=1294, tbw=6397, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
lShlxvmvmME/gvfne6TDEKAnxHsr5hGd0oY3k57M0k2+iGjrmsamP9tgv54WSy9Ljahk6psW0ipVifYMnWhAYg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
9472809e1612a0086eea6cea33866300
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"527d04972aedb5e1dd9d0877773c86c3"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 16 Apr 2025 03:01:21 GMT
js
www.googletagmanager.com/gtag/ 		291 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J5LED9KWGV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LTWRKF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d0f2e0ccfc9179ff124a1d475d10e0a568ad2427a87f39e6f239cb16a4b3ff8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:32:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99640
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 Apr 2024 04:32:25 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LTWRKF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 Apr 2024 03:10:50 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4895
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 16 Apr 2024 05:10:50 GMT
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 2403 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.boots-uk.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB9) /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.boots-uk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1909737
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Tue, 16 Apr 2024 04:32:25 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BB9)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-J5LED9KWGV&gtm=45je44f0v893901092z8848453771za200&_p=1713241945172&gcd=13l3l3l3l1&npa=0&dma=0&cid=1654938516.1713241946&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713241945&sct=1&seg=0&dl=https%3A%2F%2Fwww.boots-uk.com%2F&dt=Boots%20UK%20-%20Welcome%20to%20Boots%20UK&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4471
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J5LED9KWGV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 16 Apr 2024 04:32:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.boots-uk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2033030201&t=pageview&_s=1&dl=https%3A%2F%2Fwww.boots-uk.com%2F&ul=en-gb&de=UTF-8&dt=Boots%20UK%20-%20Welcome%20to%20Boots%20UK&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=389330385&gjid=1099176799&cid=1654938516.1713241946&tid=UA-18696731-1&_gid=245623766.1713241946&_r=1&_slc=1&gtm=45He44f0n815LTWRKFv848453771za200&gcd=13l3l3l3l1&dma=0&z=688673144
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b6d419be0f8d34d19fde6323498c0e6781844ca5275381fa3764d2063118dc11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Apr 2024 04:32:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.boots-uk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		250 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CR6JJ8DDZ3&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c7f62b2d2bd3e07d7dd4faace1945fc413119091fabfcda2bd52d7995dabdee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:32:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90793
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 Apr 2024 04:32:25 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CR6JJ8DDZ3&gtm=45je44f0v9125761425za200&_p=1713241945172&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-gb&sr=1600x1200&cid=1654938516.1713241946&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.boots-uk.com%2F&dt=Boots%20UK%20-%20Welcome%20to%20Boots%20UK&sid=1713241946&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4688
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CR6JJ8DDZ3&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 16 Apr 2024 04:32:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.boots-uk.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
timeline.e108540dddc96e4b707f5cf259a582d7.js
platform.twitter.com/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/timeline.e108540dddc96e4b707f5cf259a582d7.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BA4) /
Resource Hash
e6e9523c85d37bb7c9677eb459366fb81a650df0ecfef5ab6e661dd18bbdaacb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 16 Apr 2024 04:32:26 GMT
Content-Encoding
gzip
Age
1909673
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2965
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (amb/6BA4)
Etag
"e1b37e9fee06488be9c4cff0558f4e37+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
page.php
www.facebook.com/v6.0/plugins/ Frame 9DE6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v6.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df82ba81e2f34466f7%26domain%3Dwww.boots-uk.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.boots-uk.com%252Fffd5a622d51df5610%26relation%3Dparent.parent&container_width=310&height=285&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FBootsUK&locale=en_GB&sdk=joey&show_facepile=false&show_posts=true&small_header=true&width=500
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=b1b1faf29bdbae7bd921fc15a31dafdb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.boots-uk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Apr 2024 04:32:26 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v13.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=10, mss=1294, tbw=2773, tp=-1, tpl=-1, uplat=483, ullat=0
x-fb-debug
8f4hO5Cm1hVyHgS6q587wrbiFCjPL/D4jIsANppiGqx3+OWQlxR8t5fHhbXgVpeGvdTluWgbm0r3O8BI3OHzQA==
x-xss-protection
0
BootsUKNews
syndication.twitter.com/srv/timeline-profile/screen-name/ Frame 0FD9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/srv/timeline-profile/screen-name/BootsUKNews?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=285px&origin=https%3A%2F%2Fwww.boots-uk.com%2F&sessionId=abeb12afecf2faa16d3412259070a31fc4842f5c&showHeader=true&showReplies=false&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://www.boots-uk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
must-revalidate, max-age=60
content-encoding
gzip
content-length
1833
content-type
text/html; charset=utf-8
date
Tue, 16 Apr 2024 04:32:26 GMT
etag
"148a-8cz9qyusTNiTyW/uSXpjhNzOaps"
perf
7469935968
server
tsa_f
strict-transport-security
max-age=631138519
x-connection-hash
e6b7a3071a2ae4ad95409ec285f0d6927fc1083ae93a3b4abd5b1e3bbbada321
x-response-time
134
x-transaction-id
6b1f34d616ea9ea6
x-xss-protection
0
favicon.ico
www.boots-uk.com/css/images/ 		15 KB
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.boots-uk.com/css/images/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
46.17.90.198 , United Kingdom, ASN15510 (CWCS-PS CompuWeb Communications Services Ltd, GB),
Reverse DNS
Software
Microsoft-IIS/8.0 /
Resource Hash
cf5e5c7ef57461159bc7b0718761b61181b4c6e52f32b57c1a329959e6b69c0a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.boots-uk.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
Date
Tue, 16 Apr 2024 04:32:23 GMT
Last-Modified
Tue, 20 Feb 2024 09:20:25 GMT
Server
Microsoft-IIS/8.0
ETag
"1da63de09412eae"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
15406

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| dataLayer function| $ function| jQuery function| toggleVideo object| bootsUK object| TwitterCookieFooterNotification object| slideshow function| initCustomColors function| loadingOn function| loadingOff object| FB object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __buffer object| __twttrll object| twttr object| __twttr function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData

6 Cookies

Domain/Path Name / Value
www.boots-uk.com/ Name: .AspNetCore.Antiforgery.Iy_kfAUt8Eg
Value: CfDJ8LSgAwsYG49Dn3rTLry_Y36e0IXQiwsgNwPAquke7VWbIgkzywMzgePV-A3VP64tCXzxfieeZqDx6nSwiZgL8uJ6Mq5_MA4hgyBqshsBOrLUsSslblgN7CPP21MG0MThmeIaOmd4Bw-toNnFYHMhWZ8
.boots-uk.com/ Name: _ga_J5LED9KWGV
Value: GS1.1.1713241945.1.0.1713241945.0.0.0
.boots-uk.com/ Name: _ga
Value: GA1.2.1654938516.1713241946
.boots-uk.com/ Name: _gid
Value: GA1.2.245623766.1713241946
.boots-uk.com/ Name: _gat_UA-18696731-1
Value: 1
.boots-uk.com/ Name: _ga_CR6JJ8DDZ3
Value: GS1.2.1713241946.1.0.1713241946.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com platform.twitter.com ton.twimg.com; script-src 'unsafe-eval' 'unsafe-inline' 'self' https://www.google-analytics.com https://www.googletagmanager.com https://code.jquery.com/ https://ajax.googleapis.com/ www.gstatic.com www.google.com/recaptcha/api.js cdnjs.cloudflare.com pixel.mathtag.com c212.net connect.facebook.net cdn.c212.net platform.twitter.com cdn.syndication.twimg.com; font-src 'self' maxcdn.bootstrapcdn.com; img-src 'self' 'unsafe-inline' www.gravatar.com data: syndication.twitter.com pixel.mathtag.com abs.twimg.com pbs.twimg.com via.placeholder.com platform.twitter.com ton.twimg.com; frame-src 'self' www.google.com pixel.mathtag.com platform.twitter.com www.facebook.com syndication.twitter.com www.youtube.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com;
X-Frame-Options SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

boots-uk.com
connect.facebook.net
maxcdn.bootstrapcdn.com
platform.twitter.com
region1.google-analytics.com
syndication.twitter.com
www.boots-uk.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.18.10.207
104.244.42.136
142.250.184.232
2001:4860:4802:32::178
2001:4860:4802:32::36
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:827::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
46.17.90.198
006eb9398012d9a55ffb955c93818b61169863acf834edb49849d43cc5bd6e88
057c557650e5d56ed0bbc0e3d235ef6718043d2ce2b521e9fb62b5677eb4903f
07e4b753a0e57bbb9d557c3f3a543194e9e8600582669da605ab927f022de51f
0b3763d3fa490edd1822cc2ab3b396bf81e76e18eb6b8a40732da0f34292f69b
0e7444957209bbd943bf29b45c0dbf3c44e492e1bfdcb0ae2c99f3ec5bbfd778
117befffd8059d90ae01eea589c40c2cdc0a0ce5ef73d8c50bf4c79dbc211ced
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1ae8e559f929479c73865aefcbfde58e45448c4bd3d5f182bd437f12fb053c57
29af21c9adc32e60b6478f241a57edb28459c133d517512d161e9c552e16e741
319d16d607719a7606e3a0b6012c40f2c338aa5c1b840d635b7985e1c08b225f
3776d8a28cfbd400fe432b444297eaf2470f9e57cceae163a3f6cf080371fb31
38b3a4f2d5897185b67d228d13e7ef7c4e4d127b2b22e4c2dd0ba4a4bab8302d
3ba8bbdae55aaa2691adfcfb7d0c2dfb2028f1a87111573fa99e26858bfba7df
43716ee529ab17ea5c774e1984c3318c7566ac74be142df70a1acea7c5af5d34
5399d593d92642f8ef2b20ab26cdd615a70d2ecf029d5c52a1fc8b3813cf29e8
591a4abf4e846636bed19461f887262ec0732ae6228a669f89d5c3411d8cabff
59245b13d40cf6a096ae9cbb61aeecf35edc54a664f9ec16fbea6be45d60876d
5af3264d7da92824ad12bc23cda51d4d3005976afcffbaf681eeb2405dd35339
5b444e6f3835d576af67157dbdf4dc3188f19d6d419516b41bbefae06d11ac73
5d0f2e0ccfc9179ff124a1d475d10e0a568ad2427a87f39e6f239cb16a4b3ff8
8ee32c22686eaf65cfd3ddf05cb8d7347599c7b16a0a3f00add8ed93f58083ca
93e97a452cb52d9a226fbfeb89ee75c994fdee651f77f835c3e6d812738540f2
969c5e9cdc4c854e597af31760c99e946d5ab27a66919027cec812315b0b527e
97c06cbf85ac29b72df1d2a4b22a2abe3a93f27dd69f09f87133874ba34dfb0f
a324ab3e0e630adf7f92846e730a0206d83bd8c9215172ce45fd1fb1c5afc404
aae9f0fd9151c2d9f38dda1a013b5a15836472c14b170d17f83499ed886d0510
b39d9296f3651b358d8596b5974fb95702be6b7dcbc49cecd97b59339d8a5c92
b40b94bcb19d41eee094c2f4c32ef7420b88d621d4646e57c7870da2b8e4387c
b6d419be0f8d34d19fde6323498c0e6781844ca5275381fa3764d2063118dc11
b869f2ac979a87de91fae69f5d05241af039d8a2e176e09cde13c66a339f892f
b983f2d2e901b32d6d654be3d258a572586f05252f3960f38b30f78b41255b0a
c4b25cd117c2010382d4d9bf2867f9644aff5058da3650ede80797a5565de549
c72f397ba425f076c186fa90867397bfb96cb15aa8029fd77c14c36257ad36d5
c7f62b2d2bd3e07d7dd4faace1945fc413119091fabfcda2bd52d7995dabdee0
c9443256ff9f342a82ded47a767155481b73a47cfea157824b15c680db1dcc2e
ce35823baeedf5714f8dc9c3c55d93e713239e7e69797448289403a936c1859c
cf5e5c7ef57461159bc7b0718761b61181b4c6e52f32b57c1a329959e6b69c0a
d38637cf78a1acd29994d78937051f0c73eea776725f327673cb9dc213bcd320
d50493fed6e64858df87b2da5e0f6d0516b4f57502710931a94b429d0f7bae0a
dc737484823bc3c8e356b453b3ab42f8bfef39905c5683732e7077325682c848
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e286429ee965b373617374b3638314911301951fc7c43b927d00e6825709282d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e9523c85d37bb7c9677eb459366fb81a650df0ecfef5ab6e661dd18bbdaacb
e80cffc53b779bd8be53e2d79738bbe0ff413ef33bb88d3c0f1974337c2ff048
e8c12f47472f23ac94b35cc22da006a9fb4212be38fd7248d8570597b587f2d6
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
f4bb3ebd82b9c2d1182b7fd327e5495e2b3fee4083e4f8c046d3688cf0edf632