www.haleon.com Open in urlscan Pro
2606:4700::6812:1256 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://haleon.com/
Effective URL:
https://www.haleon.com/
Submission: On March 27 via api (March 27th 2024, 11:47:20 pm UTC) from US — Scanned from GB

Summary HTTP 143 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 14 domains to perform 143 HTTP transactions. The main IP is 2606:4700::6812:1256, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.haleon.com. The Cisco Umbrella rank of the primary domain is 438682.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 14th 2024. Valid for: a year.

This is the only time www.haleon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	212.58.42.47 212.58.42.47	8586 (OBSL-AS T...) (OBSL-AS TalkTalk - Business division)
89	2606:4700::68... 2606:4700::6812:1256	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.17.100.227 2.17.100.227	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a02:6ea0:c70... 2a02:6ea0:c700::22	60068 (CDN77 _) (CDN77 _)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.114 18.66.112.114	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5	2600:1f14:5db... 2600:1f14:5db:eb00:9780:5190:bee5:ff3d	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a03:2880:f25... 2a03:2880:f258:1ca:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:810::2016	15169 (GOOGLE) (GOOGLE)
4	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 _) (CDN77 _)
143	17

1 212.58.42.47 (Northampton, United Kingdom) 1 redirects

ASN8586 (OBSL-AS TalkTalk - Business division, GB)

haleon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

89 2606:4700::6812:1256 (United States)

ASN13335 (CLOUDFLARENET, US)

www.haleon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.17.100.227 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-227.deploy.static.akamaitechnologies.com

irs.tools.investis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

api.websitecarbon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-114.fra56.r.cloudfront.net

cdn.addevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f14:5db:eb00:9780:5190:bee5:ff3d (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f258:1ca:face:b00c:0:43fe (London, United Kingdom)

ASN32934 (FACEBOOK, US)

scontent-lhr8-2.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn77.api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
90	haleon.com 1 redirects haleon.com — Cisco Umbrella Rank: 364485 www.haleon.com — Cisco Umbrella Rank: 438682	6 MB
20	userway.org cdn.userway.org — Cisco Umbrella Rank: 3307 api.userway.org — Cisco Umbrella Rank: 3249 cdn77.api.userway.org — Cisco Umbrella Rank: 6123	175 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 318	232 KB
6	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 93	93 KB
6	cdninstagram.com scontent-lhr8-2.cdninstagram.com — Cisco Umbrella Rank: 10743	749 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	69 KB
2	investis.com irs.tools.investis.com — Cisco Umbrella Rank: 85854
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 564	306 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	addevent.com cdn.addevent.com — Cisco Umbrella Rank: 29852	8 KB
1	websitecarbon.com api.websitecarbon.com — Cisco Umbrella Rank: 426669	549 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	112 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 725	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 813	7 KB
143	14

	Domain	Requested by
89	www.haleon.com	www.haleon.com
11	cdn.cookielaw.org	www.googletagmanager.com www.haleon.com cdn.cookielaw.org
11	cdn.userway.org	www.haleon.com cdn.userway.org
6	i.ytimg.com
6	scontent-lhr8-2.cdninstagram.com
5	api.userway.org	www.haleon.com cdn.userway.org
4	cdn77.api.userway.org	cdn.userway.org
2	www.youtube.com	www.haleon.com www.youtube.com
2	irs.tools.investis.com	www.haleon.com
1	geolocation.onetrust.com	www.haleon.com
1	fonts.googleapis.com	client
1	cdn.addevent.com	www.haleon.com
1	api.websitecarbon.com	unpkg.com
1	www.googletagmanager.com	www.haleon.com
1	unpkg.com	www.haleon.com
1	static.cloudflareinsights.com	www.haleon.com
1	haleon.com	1 redirects
143	17

This site contains links to these domains. Also see Links.

Domain
otp.investis.com
www.instagram.com
www.youtube.com
www.google.com
www.linkedin.com
websitecarbon.com
supplier.haleon.com
www.terms.haleon.com
www.privacy.haleon.com
privacyportal-de.onetrust.com
health1.aetna.com
transparency-in-coverage.uhc.com
privacy.haleon.com
www.onetrust.com

Subject Issuer	Validity	Valid
haleon.com Cloudflare Inc ECC CA-3	`2024-02-14` - `2024-12-31`	a year	crt.sh
irs.tools.investis.com R3	`2024-01-23` - `2024-04-22`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2024-02-27` - `2024-05-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
api.websitecarbon.com Cloudflare Inc ECC CA-3	`2023-07-04` - `2024-07-03`	a year	crt.sh
*.addevent.com Amazon RSA 2048 M02	`2023-07-29` - `2024-08-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2024-01-05` - `2024-04-04`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
1784939676.rsc.cdn77.org R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.haleon.com/
Frame ID: 53C9F7EB60D45A541A13C3992096C87D
Requests: 139 HTTP requests in this frame

Frame: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB
Frame ID: 52DEB9D110C9ECDF3A3BD9A5FD2B48E5
Requests: 1 HTTP requests in this frame

Frame: https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB
Frame ID: 4B3E8E1CFE9EDDECDD4F2B5C99EA4688
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Haleon

Page URL History Show full URLs

https://haleon.com/ HTTP 301
https://www.haleon.com/ Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

143
Requests

100 %
HTTPS

76 %
IPv6

14
Domains

17
Subdomains

17
IPs

4
Countries

7695 kB
Transfer

13359 kB
Size

6
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: http://otp.investis.com/generic/regulatory-story.aspx?newsid=1802148&cid=2805
Title: Holding(s) in Company

Search URL Search Domain Scan URL

URL: http://otp.investis.com/generic/regulatory-story.aspx?newsid=1801906&cid=2805
Title: Total Voting Rights and Capital

Search URL Search Domain Scan URL

URL: http://otp.investis.com/generic/regulatory-story.aspx?newsid=1801887&cid=2805
Title: Closing of Secondary Global Offering by Pfizer

Search URL Search Domain Scan URL

URL: http://otp.investis.com/generic/regulatory-story.aspx?newsid=1801053&cid=2805
Title: Final prospectus supplement filed with the SEC

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/C4dmsg8ssDA/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/C4XsIA7MlKZ/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/C4PjRWwu9y6/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/C45JrSBMVyA/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/C4xR1Lhsfh0/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/C4spMmQs8s9/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=dYlaOVvpP84

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=wRogwerCDSA

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=WEtayA4k-kw

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=kOn8rHmTlZU

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=AI02C_qbbig

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=PkrUsQhSVlA

Search URL Search Domain Scan URL

URL: https://www.google.com/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/haleon/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCeRp3iDRROr1lj1jkXScycA
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/haleon
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://websitecarbon.com/
Title: Website Carbon

Search URL Search Domain Scan URL

URL: https://supplier.haleon.com/irj/portal/public?guest_user=SUP_GUEST_EN
Title: Supplier portal

Search URL Search Domain Scan URL

URL: https://www.terms.haleon.com/en-gb/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.privacy.haleon.com/en-gb/
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://privacyportal-de.onetrust.com/webform/9ff761e6-6f16-4e20-800d-92706b153697/2dbed6f9-c63b-44b8-b85d-1adf5ab3f220
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://www.privacy.haleon.com/en-us/washington-consumer-health-data-notice
Title: Washington Consumer Health Data Notice

Search URL Search Domain Scan URL

URL: https://health1.aetna.com/app/public/#/one/insurerCode=AETNACVS_I&brandCode=ALICSI/machine-readable-transparency-in-coverage?searchTerm=111579681&lock=true
Title: Aetna

Search URL Search Domain Scan URL

URL: https://transparency-in-coverage.uhc.com/
Title: United Healthcare

Search URL Search Domain Scan URL

URL: https://privacy.haleon.com/en-gb/
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://haleon.com/ HTTP 301
https://www.haleon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

143 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.haleon.com/
Redirect Chain

https://haleon.com/
https://www.haleon.com/

101 KB
18 KB

301ms
86ms

Document
text/html

2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07a67a6268d595efc4e860ac9a23eab4fdd47d67abf6e9b7016634d8f7a155ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-GB,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

bsg-cdn: P
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 86b343a91e583695-LHR
content-encoding: br
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
content-type: text/html; charset=UTF-8
date: Wed, 27 Mar 2024 23:47:13 GMT
expires: Wed, 27 Mar 2024 23:47:13 GMT
last-modified: Wed, 27 Mar 2024 23:21:34 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: text/html; charset=UTF-8
Location: https://www.haleon.com/

GET
H2 200 NewHeroAccess-Regular.woff
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/ 89 KB
90 KB 108ms
101ms Font
application/font-woff 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/NewHeroAccess-Regular.woff

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f648b3d8294708a4d777f4596f336f639190b1ed7e5656a81d2f2bd9fc93f218

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 513
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:15:10 GMT
server: cloudflare
etag: W/"165b8-614019657803b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff
cache-control: public, max-age=14400
cf-ray: 86b343a9bef93695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 NewHeroAccess-Medium.woff2
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/ 82 KB
83 KB 66ms
60ms Font
text/plain 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/NewHeroAccess-Medium.woff2

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e7827d5164b684eb0a1eec749830cdcedba44da8654254e4bf95c9089699c5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 736266
content-length: 83488
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:15:10 GMT
server: cloudflare
etag: "14620-61401965768a7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343a9befa3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 NewHeroAccess-ExtraBold.woff2
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/ 83 KB
85 KB 62ms
55ms Font
text/plain 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/NewHeroAccess-ExtraBold.woff2

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d78848cb5943a3de81d805a88a849eb6afdd7514833b1a6c534f2531c6051c76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 736266
content-length: 84964
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:16:07 GMT
server: cloudflare
etag: W/"14be4-6140199bec244"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343a9befb3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 NewHeroAccess-Bold.woff2
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/ 82 KB
83 KB 109ms
103ms Font
text/plain 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/fonts/NewHeroAccess-Bold.woff2

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5688f846fd633221837db3a7eb942ffd99400a2b9217a9596e2709639b988551

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 107
content-length: 84304
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:15:10 GMT
server: cloudflare
etag: "14950-614019657939f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343a9befd3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/ 319 KB
30 KB 66ms
60ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b20e066e2227064f73f98d93f3c5999d22eee246c94b7817a1b08066c177882

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736266
cf-polished: origSize=330487
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:10 GMT
server: cloudflare
etag: W/"50af7-6140196576cb3"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9bef53695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 site.min.44a1783be8e88dc73188908af6c38c01.css
www.haleon.com/etc.clientlibs/core/wcm/components/accordion/v1/accordion/clientlibs/ 185 B
382 B 64ms
59ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/core/wcm/components/accordion/v1/accordion/clientlibs/site.min.44a1783be8e88dc73188908af6c38c01.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b4673602d2d5d718b1ebbcd2e49f1028661f5e6f2f462aa1a4da27f4d10e493

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736267
cf-polished: origSize=188
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:06 GMT
server: cloudflare
etag: W/"bc-6140199b4906b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9bef63695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 site.min.59c0d61dcf5eacb237a83816c6996ebd.css
www.haleon.com/etc.clientlibs/core/wcm/components/carousel/v1/carousel/clientlibs/ 551 B
2 KB 64ms
59ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/core/wcm/components/carousel/v1/carousel/clientlibs/site.min.59c0d61dcf5eacb237a83816c6996ebd.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f7ca0c1323ebddec95121eeae89e118bfacec9cc6aa933846076affd7b4c577

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 96
cf-polished: origSize=559
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: W/"22f-6140196b3d14f"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9bef73695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.d54c23ba76bd8648119795790ae83779.css
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/tabs/v1/tabs/ 304 B
285 B 104ms
99ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/tabs/v1/tabs/clientlibs.min.d54c23ba76bd8648119795790ae83779.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8cd6b278a09b126e1c5a5da368c0c97138484f3663ed0582c95670ea6fe6826

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736265
cf-polished: origSize=308
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:08 GMT
server: cloudflare
etag: W/"134-6140199ce2f16"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9befe3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 vendor-clientlibs.min.e48599f4428c69904e136629273e7091.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/ 18 KB
5 KB 106ms
101ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/vendor-clientlibs.min.e48599f4428c69904e136629273e7091.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e16402cfb85a3d41688fa6d288b283bccba48986fd8354e0bf9abd4b7ebec385

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 107
cf-polished: origSize=19065
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:13 GMT
server: cloudflare
etag: W/"4a79-61401968ce440"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9bf003695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.d41d8cd98f00b204e9800998ecf8427e.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/homepage/ 0
2 KB 104ms
100ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/homepage/clientlibs.min.d41d8cd98f00b204e9800998ecf8427e.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 96
content-length: 0
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:13 GMT
server: cloudflare
etag: "0-61401968cccd0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343a9bf023695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.fdbbf601711ed1a8af4ec660abfffe5a.css
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/sitesearch/searchfield/ 594 B
2 KB 108ms
103ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/sitesearch/searchfield/clientlibs.min.fdbbf601711ed1a8af4ec660abfffe5a.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4763209eb337b9e86a4226963cd91e9c9716c4a7acf8c1beab49a316bd8a73d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736266
cf-polished: origSize=611
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:07 GMT
server: cloudflare
etag: W/"263-6140199bbc0b9"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9ff3c3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 site.min.b104a4a85c21511ada13e2c6e7552d37.css
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/image/clientlibs/ 29 B
2 KB 108ms
104ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/image/clientlibs/site.min.b104a4a85c21511ada13e2c6e7552d37.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34a8d4f240f1b7a01d0472d5367e1bc57e17f70a12a91aae37dcac3b33b24732

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736265
content-length: 29
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:10 GMT
server: cloudflare
etag: "1d-61401965797ab"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343a9ff3e3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.678529bdf3a4377ad53eddfaad041267.css
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/video/damvideo/ 743 B
2 KB 109ms
106ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/video/damvideo/clientlibs.min.678529bdf3a4377ad53eddfaad041267.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bf9acb0de9cb27fe4c9fc53b2e92eb344ab66bc2573827d439e0608f3a9cadc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 107
cf-polished: origSize=751
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:07 GMT
server: cloudflare
etag: W/"2ef-6140199c38496"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9ff3f3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.ba1d5fd43b3af2d82022e5ecb2cd62ce.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/pageteaser/ 27 KB
4 KB 107ms
104ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/pageteaser/clientlibs.min.ba1d5fd43b3af2d82022e5ecb2cd62ce.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b66159db76fc9fe72aa222b4b5f42affe0b7600a432dca26502334463f6bda71

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 107
cf-polished: origSize=27594
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:10 GMT
server: cloudflare
etag: W/"6bca-61401965745a3"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9ff413695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.4fd3a51fcf4962f55d1eea4adb2f7ba9.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/html/ 20 B
2 KB 110ms
108ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/html/clientlibs.min.4fd3a51fcf4962f55d1eea4adb2f7ba9.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

035d882223386d31a5b48ae230cd3df1021fd24d44343f70a736a6a7bcdb4b88

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736266
content-length: 20
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: "14-6140196b432f8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343a9ff423695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.a25d0e02ee71854d292795259e45ea91.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/banner/ 35 KB
4 KB 109ms
106ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/banner/clientlibs.min.a25d0e02ee71854d292795259e45ea91.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b72fb03cd75dbdbb19d8955a579a25986c8fb21101425fd10628cdacc135603

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 107
cf-polished: origSize=36755
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:10 GMT
server: cloudflare
etag: W/"8f93-6140196573daf"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9ff443695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.60f56484892f013887b518684a45ba05.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/ 40 KB
4 KB 107ms
105ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/clientlibs.min.60f56484892f013887b518684a45ba05.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

653c041e40a622bfc673da2590b250164ddd2f9aa26954ae19d327afabece2e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736266
cf-polished: origSize=40857
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:13 GMT
server: cloudflare
etag: W/"9f99-61401968fe1e3"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9ff463695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.4540407984e7a2f2c466df377a9e5264.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/homepagecarousel/ 33 KB
3 KB 111ms
109ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/homepagecarousel/clientlibs.min.4540407984e7a2f2c466df377a9e5264.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b02187b8c84f7ae1474e30629de943b19c8258aa1d4039c2f082daa872ef425d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736267
cf-polished: origSize=33969
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:15 GMT
server: cloudflare
etag: W/"84b1-6140196b0e735"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9ff473695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.dd826a69e65a21603dd5871e2bb6d9b4.css
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/eventlist/ 235 B
238 B 108ms
106ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/eventlist/clientlibs.min.dd826a69e65a21603dd5871e2bb6d9b4.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e60e49d3328e106e0df7b7aa5eb36b88b777a29c8bcea6627d1bb8d795c5bfa3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 710
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:14 GMT
server: cloudflare
etag: W/"eb-61401969def98"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9ff493695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.34d493b1b1f0e44251c6709d59dbf59e.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/eventteaser/ 20 KB
2 KB 110ms
109ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/eventteaser/clientlibs.min.34d493b1b1f0e44251c6709d59dbf59e.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a576d86706069601c53562f8cf1d11f3a91fd847e3828e7c285e09fefd1d0ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736266
cf-polished: origSize=20395
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: W/"4fab-6140196b99db4"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9ff4c3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.6a42568307b13128c2b87bbff0b36add.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/decorator/ 15 KB
1 KB 144ms
143ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/decorator/clientlibs.min.6a42568307b13128c2b87bbff0b36add.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90ea031c0133a5573cd7fb5f20e5e97299807be8aa598519b481f850729a3613

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736267
cf-polished: origSize=15227
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: W/"3b7b-6140196b943db"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9ff4d3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.daaa115658ad252bb0638e422e26cf95.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/documentteaser/ 17 KB
3 KB 145ms
144ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/documentteaser/clientlibs.min.daaa115658ad252bb0638e422e26cf95.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a371fad4fd9caec9001583c9cd71f79e8be4a696b11db501ccf3915d104fd6fa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 710
cf-polished: origSize=17293
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: W/"438d-6140196b7b952"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9ff4e3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.7d185ca0133fc1ed6f9b8fc9b9e4c6ad.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/socialfeed/ 14 KB
3 KB 111ms
109ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/socialfeed/clientlibs.min.7d185ca0133fc1ed6f9b8fc9b9e4c6ad.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

086b91c68373424f4e8799c21cabdcf97ec1b3b816d09bc90d2be68fb6be72fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 826
cf-polished: origSize=14760
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: W/"39a8-6140196b7f002"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9ff4f3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.88b1f6ff75f8d108622f9511a8ec2811.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/haleonvideo/ 16 KB
2 KB 108ms
107ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/haleonvideo/clientlibs.min.88b1f6ff75f8d108622f9511a8ec2811.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37304edefd9e53584a7ba0b0cd1c699d9cb80ec86cf9e4a849d2350640f67608

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 107
cf-polished: origSize=16250
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: W/"3f7a-6140196b36bbf"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9ff503695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.d69b260b326ec3d209db7beb9b3d5e7c.css
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/videoscrollplay/ 15 KB
2 KB 112ms
110ms Stylesheet
text/css 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/videoscrollplay/clientlibs.min.d69b260b326ec3d209db7beb9b3d5e7c.css

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80fe4e5ba4023916db0a675f1f2fcdb59a9411dc5d942beaffc7caa5bd47005f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736267
cf-polished: origSize=15242
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:06 GMT
server: cloudflare
etag: W/"3b8a-6140199b6bf75"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 86b343a9ff513695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H/1.1 200
OK ticker_lse.aspx
irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ Frame 52DE 0
0 231ms
87ms Document
text/html 2.17.100.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_lse.aspx?culture=en-GB

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-227.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-GB,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: private, max-age=52
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3170
Content-Type: text/html; charset=utf-8
Date: Wed, 27 Mar 2024 23:47:13 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK ticker_nyse.aspx
irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ Frame 4B3E 0
0 271ms
130ms Document
text/html 2.17.100.227
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://irs.tools.investis.com/Clients/uk/haleon_plc1/Ticker/ticker_nyse.aspx?culture=en-GB

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-227.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haleon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-GB,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3148
Content-Type: text/html; charset=utf-8
Date: Wed, 27 Mar 2024 23:47:13 GMT
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=15768000; includeSubDomains
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 rocket-loader.min.js Show response
www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 82ms
81ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
server: cloudflare
etag: W/"65fd6d96-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 86b343a9ff533695-LHR
expires: Fri, 29 Mar 2024 23:47:13 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 180ms
81ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 86b343aa796763a8-LHR

GET
H2 206 Homepage-Banner-2024.mp4
www.haleon.com/content/dam/haleon/corporate/videos/home/ 3 MB
3 MB 83ms
83ms Media
video/mp4 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/dam/haleon/corporate/videos/home/Homepage-Banner-2024.mp4

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3afcdfa0f86f8d4d337ac1d9d6e4933402916e88fe5ac83fb7d8f7fc1a8f2a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://www.haleon.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 736022
Content-Range: bytes 0-2646528/2646529
Content-Length: 2646529
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Sat, 16 Mar 2024 04:13:10 GMT
server: cloudflare
etag: "286201-613bf57acfed7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: video/mp4
cache-control: public, max-age=14400
cf-ray: 86b343a9ff543695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 206 haleon-homepage-ambient-video-2024.mp4
www.haleon.com/content/dam/haleon/corporate/videos/home/ 3 MB
0 85ms
84ms Media
video/mp4 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/dam/haleon/corporate/videos/home/haleon-homepage-ambient-video-2024.mp4

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://www.haleon.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 736033
Content-Range: bytes 0-9877922/9877923
Content-Length: 9877923
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 15 Mar 2024 20:12:59 GMT
server: cloudflare
etag: "96b9a3-613b8a25e1dc4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: video/mp4
cache-control: public, max-age=14400
cf-ray: 86b343a9ff583695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 site.min.337fa8abe56ed821e49dc6e2baf9ee44.js Show response
www.haleon.com/etc.clientlibs/core/wcm/components/accordion/v1/accordion/clientlibs/ 6 KB
2 KB 58ms
55ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/core/wcm/components/accordion/v1/accordion/clientlibs/site.min.337fa8abe56ed821e49dc6e2baf9ee44.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

564050010ad631effd8d89ead0a2856754292964f3bd5ce28fddb428c8b73366

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 708
cf-polished: origSize=6025
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 12:12:21 GMT
server: cloudflare
etag: W/"1789-6140262d85c2f"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabfd53695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.a3b9bcbefeb50a162588eece4986e142.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/videoscrollplay/ 328 B
2 KB 58ms
55ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/videoscrollplay/clientlibs.min.a3b9bcbefeb50a162588eece4986e142.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

226c889afae4a9ac2e5e3500480e81a848816a6064b94b512170f901b37c0d9c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736262
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:10 GMT
server: cloudflare
etag: W/"148-6140199e98efa"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabfd73695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.b9ceaf743a34d6ee9e600ad40a7dc18b.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/haleonvideo/ 223 B
266 B 62ms
59ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/haleonvideo/clientlibs.min.b9ceaf743a34d6ee9e600ad40a7dc18b.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2194def6d1b74f802eb81667e6353c92bc6336244205dede786a4274ca53789b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736265
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: W/"df-6140196b747f7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabfd93695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.157e0b872d651904fa2c90fc711c5de5.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/youtubefeed/ 1 KB
772 B 68ms
63ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/youtubefeed/clientlibs.min.157e0b872d651904fa2c90fc711c5de5.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

393383df7ab920859bf4fa3ea498379f91c71f5d609a47afb3a807373ae55f15

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736262
cf-polished: origSize=1312
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:10 GMT
server: cloudflare
etag: W/"520-6140199ed0d85"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabfde3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.10ba16241f3d21842bf7517421cbede5.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/socialfeed/ 1 KB
2 KB 66ms
61ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/socialfeed/clientlibs.min.10ba16241f3d21842bf7517421cbede5.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1bc221b0c9d4bbf6a567375e1d1af709cc368201e8a058bdfe4b2e3351aa392

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736265
cf-polished: origSize=1344
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: W/"540-6140196b75f67"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabfdf3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.0125582de328f26b2867e52a10ea7c9c.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/eventlist/ 4 KB
1 KB 62ms
58ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/eventlist/clientlibs.min.0125582de328f26b2867e52a10ea7c9c.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

266c8c2918e6418c3fdb0ba93bbed8cb76ccf77ce8c3a1c54598cae54160e22c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736263
cf-polished: origSize=4271
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:10 GMT
server: cloudflare
etag: W/"10af-6140199ece28d"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabfe03695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.3934a0a6bc3330576c1715460bc42a72.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/homepagecarousel/ 748 B
2 KB 68ms
63ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/homepagecarousel/clientlibs.min.3934a0a6bc3330576c1715460bc42a72.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5d9ef792760e1a8783ac37f63ac54c872b5f6442db688fc10d72c6cedbdb33

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 428
cf-polished: origSize=749
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:07 GMT
server: cloudflare
etag: W/"2ed-6140199c4fff2"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabfe13695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/ 39 B
2 KB 62ms
58ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6510832114ca770ccb972fab504bf2a7921b480c84c187c7bdb7afd5419473fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 107
content-length: 39
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:07 GMT
server: cloudflare
etag: "27-6140199c65f83"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343aabfe33695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/content/banner/ 39 B
159 B 66ms
62ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/banner/clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6510832114ca770ccb972fab504bf2a7921b480c84c187c7bdb7afd5419473fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736265
content-length: 39
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:11 GMT
server: cloudflare
etag: "27-61401966e156c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343aabfe53695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.274efecdf3dc6ea1b689e4b65773bfbb.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/articlefilterpane/ 7 KB
2 KB 66ms
62ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/articlefilterpane/clientlibs.min.274efecdf3dc6ea1b689e4b65773bfbb.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e58f5581d48f82e2c23dfccc6ec98ae5e938828aad350a95ca2fde4ef21442f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736264
cf-polished: origSize=6838
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:09 GMT
server: cloudflare
etag: W/"1ab6-6140199dd8101"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabfe63695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.bb7e9ec038b6480a27f813d69c048482.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/video/damvideo/ 716 B
470 B 65ms
61ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/video/damvideo/clientlibs.min.bb7e9ec038b6480a27f813d69c048482.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16198d1021bf4d7086c0f2b729547bac8841af36a268389e7e62cc91889d72db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736266
cf-polished: origSize=717
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: W/"2cd-6140196b7440f"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabfe83695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.a93f7e904673f385596510a3e318c968.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/sitesearch/searchfield/ 2 KB
3 KB 69ms
66ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/sitesearch/searchfield/clientlibs.min.a93f7e904673f385596510a3e318c968.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbe7baf7646acd378f4825ff2a8b2d311266b776b558ae48aad8686d551c4f41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 107
cf-polished: origSize=2306
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:10 GMT
server: cloudflare
etag: W/"902-61401965a56cd"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabfeb3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/homepage/ 39 B
163 B 68ms
64ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/homepage/clientlibs.min.fe006b16db05dd2cd0cff998424115ad.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6510832114ca770ccb972fab504bf2a7921b480c84c187c7bdb7afd5419473fc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736264
content-length: 39
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: "27-6140196b7d4aa"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343aabfec3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 vendor-clientlibs.min.ca126e2aba102ba8986000ddc542d101.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/ 175 KB
48 KB 68ms
65ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/vendor-clientlibs.min.ca126e2aba102ba8986000ddc542d101.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16f855a5ab7e4ad8cd67441a819d1e5500a449f998664bc9fd84df93cf1e5ade

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736262
cf-polished: origSize=179831
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: W/"2be77-6140196bbb8c5"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabfed3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.f0a50b248ef4c2b78abca86d10ed6b6f.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/tabs/v1/tabs/ 5 KB
2 KB 67ms
63ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/tabs/v1/tabs/clientlibs.min.f0a50b248ef4c2b78abca86d10ed6b6f.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

390fb19701464bb77e4e9e866226c6eb2b336c4b04274dc18e1303d82c326b94

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 107
cf-polished: origSize=4844
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: W/"12ec-6140196babaca"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabfee3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 container.min.64e934d0a16266574945c8fb92e68316.js Show response
www.haleon.com/etc.clientlibs/core/wcm/components/commons/site/clientlibs/ 751 B
434 B 69ms
66ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/core/wcm/components/commons/site/clientlibs/container.min.64e934d0a16266574945c8fb92e68316.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80542c184a6e4b487b17ec632f90e7b4ba8a9a1e2fbeee0906aefd3f3e8ec03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736266
cf-polished: origSize=752
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:12 GMT
server: cloudflare
etag: W/"2f0-61401967d5ba2"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabfef3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 site.min.aa46d38d774e0f8b6abfb1d1b236d489.js Show response
www.haleon.com/etc.clientlibs/core/wcm/components/carousel/v1/carousel/clientlibs/ 6 KB
2 KB 71ms
68ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/core/wcm/components/carousel/v1/carousel/clientlibs/site.min.aa46d38d774e0f8b6abfb1d1b236d489.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba044862704f1def24eece53c5aaf10e4d551f8326145609540db39427d036a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 96
cf-polished: origSize=6390
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:09 GMT
server: cloudflare
etag: W/"18f6-6140199e5035f"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabff03695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 b.min.js Show response
unpkg.com/website-carbon-badges@1.1.3/ 2 KB
1 KB 154ms
60ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/website-carbon-badges@1.1.3/b.min.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93cb4279ebdd41fd5379a1506122b0abfabbbd98ca9be82410ed3d754231dcec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 805082
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HS955W7CGM3NJGTB1WJBZPA7-lhr
server: cloudflare
etag: W/"792-NRepadguwX6vXqMB5vpqAqsoUJA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 86b343ab49959584-LHR

GET
H2 200 gtm.min.5faae227c57de25f4854b29539035da1.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/ 465 B
2 KB 66ms
64ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/gtm.min.5faae227c57de25f4854b29539035da1.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55f42d45d026b0ad67c4c1b554c3948de5e1148f83e0fd06e3b939f73ee3ccb6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736264
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: W/"1d1-6140196bd52ee"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabff23695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 frame-manager.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/vendor-clientlibs/resources/ 7 KB
5 KB 68ms
66ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/vendor-clientlibs/resources/frame-manager.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a94a75459450039b14608c58d1e0df9d59ae805b000024cb2085ac5f37e86e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736265
cf-polished: origSize=7512
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:08 GMT
server: cloudflare
etag: W/"1d58-6140199d5d881"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabff43695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.df66dee73ae9cb8a94fb48ee5154a505.js Show response
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/ 25 KB
9 KB 70ms
68ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.df66dee73ae9cb8a94fb48ee5154a505.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4415633e7c01783a0014502433e7cf5b3f4e9806abc33a3fda57f20ffe6bd92

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 825
cf-polished: origSize=34816
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:10 GMT
server: cloudflare
etag: W/"8800-61401965a760d"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aabff53695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 clientlibs.min.b360c08cfd76d5d067201f90b36dd805.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/container/v1/container/ 3 KB
3 KB 98ms
96ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/core-wcm/container/v1/container/clientlibs.min.b360c08cfd76d5d067201f90b36dd805.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b263f111980d7921ab0f719c39028f849c13ffffefa78044c5d12d2eee2f6561

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736266
cf-polished: origSize=3307
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:07 GMT
server: cloudflare
etag: W/"ceb-6140199c65b9b"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aaf8323695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 site.min.b06ae959f463530b64fc1fb044b0d743.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-components/image/clientlibs/ 9 KB
5 KB 105ms
103ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-components/image/clientlibs/site.min.b06ae959f463530b64fc1fb044b0d743.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

078f29b4065f50c14a2caefc646c6eddf0576df19ffd930123cc67899c5667f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736266
cf-polished: origSize=19825
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:07 GMT
server: cloudflare
etag: W/"4d71-6140199c66b3b"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aaf8333695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 blacksunplc.min.cdb7379b3136ae1b04016f96b091cda5.js Show response
www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/ 58 KB
19 KB 102ms
100ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.cdb7379b3136ae1b04016f96b091cda5.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94bdf0772af766a1c24ad6e894a5699c83007518570bbefb767a9e74b1c65397

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736262
cf-polished: origSize=59439
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:15:12 GMT
server: cloudflare
etag: W/"e82f-61401967656da"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aaf8353695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 jquery.min.e8b3debede90df40df8881108ba067d8.js Show response
www.haleon.com/etc.clientlibs/clientlibs/granite/ 98 KB
35 KB 100ms
98ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery.min.e8b3debede90df40df8881108ba067d8.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8835afd713b55266f2ec5b39466379e7766bc72e3244a8e7b6a50e4a4848624e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736265
cf-polished: origSize=100794
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:08 GMT
server: cloudflare
etag: W/"189ba-6140199d6037a"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aaf8363695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 csrf.min.652a558c3774088b61b0530c184710d1.js Show response
www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/ 4 KB
2 KB 104ms
103ms Script
application/javascript 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67ec7fadd41ba4613a2ab2f10c28429c60a54fec1780a1742c29a03f9dfd7b11

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736264
cf-polished: origSize=3618
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: minify
last-modified: Tue, 19 Mar 2024 11:16:09 GMT
server: cloudflare
etag: W/"e22-6140199dd7161"
vary: Accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 86b343aaf8373695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 search-whote.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 698 B
2 KB 65ms
60ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/search-whote.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9987f99bfa55d6d51302d96e85f37a37c2ab7ba366fbb509485dc11c68c98e78

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 736262
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:16:10 GMT
server: cloudflare
etag: W/"2ba-6140199f24191"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab28653695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 haleon-logo-black.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/logos/ 1 KB
1 KB 61ms
57ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/logos/haleon-logo-black.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b75c3954d032885ad697300a73e46e5f48c1e0d772f12ffd1ae339abbc6fa92e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 736265
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=4qq3N..HiE4Ns5l4ynSZ165YYznoBSfb5seqK9LvC6g-1711583233-1.0.1.1-qItT.1jVvGSXhFmmusfhleuBsGG3lJAj8Ws5PYBiLqFzqt97Jcjhkit9pBYjazRWtCqOLF1ilj2F0nLmDFfbg3awCBugApuQFLlrUMo_pNUxXYPxb41kESXtz2h70jKuQ9GMGqpA_3rJWgIXFwWvNw; report-to cf-csp-endpoint
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:16:08 GMT
server: cloudflare
etag: W/"572-6140199d5f7c1"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=4qq3N..HiE4Ns5l4ynSZ165YYznoBSfb5seqK9LvC6g-1711583233-1.0.1.1-qItT.1jVvGSXhFmmusfhleuBsGG3lJAj8Ws5PYBiLqFzqt97Jcjhkit9pBYjazRWtCqOLF1ilj2F0nLmDFfbg3awCBugApuQFLlrUMo_pNUxXYPxb41kESXtz2h70jKuQ9GMGqpA_3rJWgIXFwWvNw"}],"group":"cf-csp-endpoint","max_age":86400}
cache-control: public, max-age=14400
cf-ray: 86b343ab28663695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 chat-black.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 725 B
2 KB 58ms
54ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/chat-black.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c34bd9f319c12b02336e55608d2b8eef829ed50801f77c8a349d31f5041b398

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 825
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:15:10 GMT
server: cloudflare
etag: W/"2d5-61401965eaff6"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab38683695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 chevron-down-white.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 241 B
463 B 60ms
56ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/chevron-down-white.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d384f7743cae8817db5da0fb9f5f9d8c5a5e55a731f2db982c3acec36a9d8b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 96
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:15:15 GMT
server: cloudflare
etag: W/"f1-6140196b0cfc5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab38693695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 ellipse-primary.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 150 B
2 KB 60ms
57ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ellipse-primary.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/clientlibs.min.60f56484892f013887b518684a45ba05.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2e74960a8a898f89f24941c026b6287a467658c5b4da39b59247020336c1a07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/ambientvideobanner/clientlibs.min.60f56484892f013887b518684a45ba05.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 736262
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:16:10 GMT
server: cloudflare
etag: W/"96-6140199ed1555"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab386a3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 arrow-right-black.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 300 B
2 KB 61ms
58ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/arrow-right-black.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81b4a2adfc76117d0256043a62c129bdfefe4b3e34a6ed2de57bb1ce6256bd9a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 736263
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: W/"12c-6140196b56f61"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab386b3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 markers-updated.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 3 KB
2 KB 58ms
56ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/markers-updated.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c80f3db5489eadbd2d3a4b8cf98978aff1b90db06ef23008241edaa559c86786

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 321
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 14:10:07 GMT
server: cloudflare
etag: W/"a1c-6140408096c0a"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab386d3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 arrow-right-primary.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 302 B
2 KB 59ms
57ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/arrow-right-primary.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dd0f3e033d80405477270245bb83a641baa1a81d708ac7c5e2bf0a3b576ca5e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 96
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:15:15 GMT
server: cloudflare
etag: W/"12e-6140196ac14bc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab386f3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 plus-black.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 179 B
294 B 58ms
57ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/plus-black.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/eventteaser/clientlibs.min.34d493b1b1f0e44251c6709d59dbf59e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e021b59b27e1e081e5d25c2d614c05f9b4ce2a0edb84a23e98cf31b5e0436ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/content/eventteaser/clientlibs.min.34d493b1b1f0e44251c6709d59dbf59e.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 96
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:16:10 GMT
server: cloudflare
etag: W/"b3-6140199ed116d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab38703695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 vector-decoration-light-bg.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 2 KB
2 KB 60ms
57ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/vector-decoration-light-bg.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e147ca0efc3c14a9e0bf601fee78dd84b18c86db73a33817e38c1d07bfe9b897

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 96
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:15:15 GMT
server: cloudflare
etag: W/"71e-6140196a80d79"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab38773695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 tabs-social-insta.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 4 KB
3 KB 63ms
60ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/tabs-social-insta.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01121bfad4c15fc0e8db695a9779024cf7755127c028f5c41439e3609d6a91ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 881
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: W/"e40-6140196b95764"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab38783695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 tabs-social-youtube.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 791 B
642 B 68ms
66ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/tabs-social-youtube.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03f9a9031521db22aa1520725af9a9b6b8bf84ac9e9caea649c4ab3fc6310dc6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 736262
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:16:10 GMT
server: cloudflare
etag: W/"317-6140199ed0d85"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab387a3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 tabs-social-linkedin.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 775 B
695 B 63ms
61ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/tabs-social-linkedin.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

398720e3e7d4564d0daef4d432c932010b4e1ddf708f3443b6d5a365369a0db4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 736265
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:16:08 GMT
server: cloudflare
etag: W/"307-6140199d5c4f9"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab387b3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 social-instagram.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 3 KB
3 KB 64ms
62ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/social-instagram.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d0bedd13ec03fef9edc37227bfbc71d664c5c211aaf40cac957ec13e1c16eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 289
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:15:12 GMT
server: cloudflare
etag: W/"cac-6140196763b82"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab387c3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 social-youtube.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 593 B
2 KB 57ms
56ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/social-youtube.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b44f42d94dd7530765f21f5b9fd7e853ce19755f00ff5f1f53644a3098d3755d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 736262
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:16:10 GMT
server: cloudflare
etag: W/"251-6140199ed01cd"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab387d3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 social-linkedin.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 771 B
534 B 63ms
62ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/social-linkedin.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ecae12ea823621b56a17fe50671c924076305b61d18e08514a18898cec86d05

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 736265
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:15:13 GMT
server: cloudflare
etag: W/"303-61401968b4a16"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab387e3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 privacyoptions.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 2 KB
2 KB 61ms
60ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/privacyoptions.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86f2eb97cc1f3909c12e4512de9e267215d94ac5aaee9393d0f007f18c34e8ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 736265
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:15:15 GMT
server: cloudflare
etag: W/"701-6140196a81931"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab387f3695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 arrow-right-tertiary.svg
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/ 302 B
2 KB 64ms
64ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/arrow-right-tertiary.svg

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

745b2fc2bb216a82145cd6c35e63410fc0634e7e65fa50485a851c43e6789978

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs.min.a2adae0ac564d3d679252704d666ea2f.css
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:13 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 736262
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Tue, 19 Mar 2024 11:15:16 GMT
server: cloudflare
etag: W/"12e-6140196b52528"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343ab38813695-LHR
expires: Thu, 28 Mar 2024 03:47:13 GMT

GET
H2 200 token.json Show response
www.haleon.com/libs/granite/csrf/ 2 B
109 B 72ms
72ms XHR
application/json 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/libs/granite/csrf/token.json

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:14 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-length: 2
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json;charset=iso-8859-1
cache-control: no-cache
cf-ray: 86b343adbac23695-LHR
expires: -1

GET
H2 200 favicon.png
www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/favicons/ 1 KB
3 KB 55ms
55ms Other
image/png 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/etc.clientlibs/haleon/corporate/components/structure/basepage/clientlibs/resources/images/favicons/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acf245ee7adbdda36ca3f21dad90ed640ca66757693f16b015a52fcefa69290e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:14 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 706
cf-polished: status=not_needed
content-length: 1032
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Tue, 19 Mar 2024 11:16:09 GMT
server: cloudflare
etag: "408-6140199e55568"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343adcadd3695-LHR
expires: Thu, 28 Mar 2024 03:47:14 GMT

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 203ms
52ms Script
application/javascript 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6b99a0d37ed4d85dce40c1b1ddae265e03e530a6d3cc357f534344bb5c499d89

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Mar 2024 23:47:14 GMT
via: 1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: PRG50-C1
age: 611
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 916
x-accel-date: 1711582318
x-77-nzt: EgwB1GY4tAH3lAMAAAwBnJIhJwH3CQAAAA
x-accel-expires: @1711585918
x-77-age: 925
last-modified: Wed, 27 Mar 2024 14:20:25 GMT
server: CDN77-Turbo
etag: W/"b7a867a1cad4d8c2a2c0cc24007ef637"
x-77-nzt-ray: 6d204d117d1f485102b004665935f115
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: 6O8F6qk6p1rYQalVUps1XXwi-aKuTRkMo8xUfN-ybMCXaFGVNDDAGw==

GET
H2 200 sharefeed-lse.model.json Show response
www.haleon.com/content/experience-fragments/haleon/corporate/en/header/master/jcr:content/root/container_986302361/container_1170101225/container/ 149 B
328 B 71ms
70ms Fetch
application/json 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/experience-fragments/haleon/corporate/en/header/master/jcr:content/root/container_986302361/container_1170101225/container/sharefeed-lse.model.json

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.cdb7379b3136ae1b04016f96b091cda5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee3434d33a5d8d26fa9b53619f18d224f64c9cefc7b9e594f9f2a585e75e2c1b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:14 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-length: 149
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json;charset=utf-8
cache-control: must-revalidate,no-cache,no-store,no-transform,private,max-age=0
cf-ray: 86b343addaf23695-LHR
expires: Thu, 01 Jan 1970 01:00:00 GMT

GET
H2 200 sharefeed-nyse.model.json Show response
www.haleon.com/content/experience-fragments/haleon/corporate/en/header/master/jcr:content/root/container_986302361/container_1170101225/container/ 147 B
2 KB 104ms
104ms Fetch
application/json 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/experience-fragments/haleon/corporate/en/header/master/jcr:content/root/container_986302361/container_1170101225/container/sharefeed-nyse.model.json

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.cdb7379b3136ae1b04016f96b091cda5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daadf18154019f8527584fad372ce63cbf3dd441e4ea0d2b8f712000f77d6727

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:14 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-length: 147
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json;charset=utf-8
cache-control: must-revalidate,no-cache,no-store,no-transform,private,max-age=0
cf-ray: 86b343addaf33695-LHR
expires: Thu, 01 Jan 1970 01:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 331 KB
112 KB 199ms
79ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RBMJKH

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.cdb7379b3136ae1b04016f96b091cda5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c74c8c82041034cce0f20643b3472c40a5169f37f6c719ff17607fbe13b9b388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114036
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 23:09:04 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Mar 2024 23:47:14 GMT

GET
H3 200 b Show response
api.websitecarbon.com/ 61 B
549 B 174ms
112ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.websitecarbon.com/b?url=https%3A%2F%2Fwww.haleon.com%2F
Requested by: Host: unpkg.com
URL: https://unpkg.com/website-carbon-badges@1.1.3/b.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a1efa88ceb31a1562030056437e469ca6ab4f3675609773fb2f231dc822824d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:14 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s1a9M58zl%2FSO01q7IE4fECuTmU%2BDgzUtOk%2BtduteIs6vjDsriSLUw%2BxF4db7qJphA5J%2BTVXO%2FgeexX1rqNWyMmI9gQ3%2BZt%2B5croqa%2FIzl0QuHL3oRnZHiGMAJ3I%2FhADyowtUWwQTXC4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json;charset=UTF-8
x-robots-tag: noindex
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400
cf-ray: 86b343ae4c04643c-LHR

GET
H2 200 articlefilterpane.model.json Show response
www.haleon.com/content/haleon/corporate/en/index/jcr:content/root/responsivegrid/container/ 2 KB
926 B 115ms
114ms Fetch
application/json 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/haleon/corporate/en/index/jcr:content/root/responsivegrid/container/articlefilterpane.model.json?start=0&selectedYear=0

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.cdb7379b3136ae1b04016f96b091cda5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92dbe359a733752d01d453765714c54351cb74bec5e85c6efb0cb50b187fbf98

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:14 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: gzip
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: application/json;charset=utf-8
cache-control: must-revalidate,no-cache,no-store,no-transform,private,max-age=0
cf-ray: 86b343ae0b183695-LHR
expires: Thu, 01 Jan 1970 01:00:00 GMT

GET
H2 200 atc.min.js Show response
cdn.addevent.com/libs/atc/1.6.1/ 32 KB
8 KB 181ms
55ms Script
application/javascript 18.66.112.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.addevent.com/libs/atc/1.6.1/atc.min.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-114.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2a47e6425e7b8b13cc41a793610261685f231c584701ba52f6f5a6fe6e0a02c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Jan 2024 14:52:54 GMT
content-encoding: br
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
x-amz-cf-pop: FRA56-P5
age: 6771261
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Sep 2023 10:29:07 GMT
server: AmazonS3
etag: W/"054b3aa7e686eac972fc5bae21c99c9f"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=8380800, public, must-revalidate
x-amz-cf-id: GkzsUOpAomvRSXw6FQnPppLLlNvX1EN2ksqiJsEAaBUPG9vAgia0_w==

GET
H2 200 _jcr_content.socialfeed.data Show response
www.haleon.com/content/haleon/corporate/en/index/ 3 KB
1 KB 67ms
66ms Fetch
application/json 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/haleon/corporate/en/index/_jcr_content.socialfeed.data

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.cdb7379b3136ae1b04016f96b091cda5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c9a969b0c39783087b28c4881edffa2208f4683bc8dd1fa88a6f8b22edbd02f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:14 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: gzip
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: application/json;charset=utf-8
cache-control: must-revalidate,no-cache,no-store,no-transform,private,max-age=0
cf-ray: 86b343ae0b193695-LHR
expires: Thu, 01 Jan 1970 01:00:00 GMT

GET
H2 200 _jcr_content.youtubefeed.data Show response
www.haleon.com/content/haleon/corporate/en/index/ 2 KB
850 B 103ms
102ms Fetch
application/json 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/content/haleon/corporate/en/index/_jcr_content.youtubefeed.data

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/blacksunplc-aem-commons/clientlibs/blacksunplc/blacksunplc.min.cdb7379b3136ae1b04016f96b091cda5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c42b5d84940e593cd913004d926a9305e3d96f9c29f94e3b1c47fddce52d7ab2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:14 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: gzip
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: application/json;charset=utf-8
cache-control: must-revalidate,no-cache,no-store,no-transform,private,max-age=0
cf-ray: 86b343ae0b1a3695-LHR
expires: Thu, 01 Jan 1970 01:00:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 204 rum Show response
www.haleon.com/cdn-cgi/ 0
182 B 45ms
45ms XHR
text/plain 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haleon.com/cdn-cgi/rum?

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
CSRF-Token: undefined
Referer: https://www.haleon.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:14 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.haleon.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 86b343ae3b373695-LHR

GET
H2 200 world-oral-health-day-banner.png
www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/ 216 KB
218 KB 109ms
107ms Image
image/webp 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/world-oral-health-day-banner.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82b40e818e891d36eb552e231f7a971f2efd621b5c5bd7ba5a6513b92e34d5c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:14 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 258
cf-polished: origFmt=png, origSize=416212
content-disposition: inline; filename="world-oral-health-day-banner.webp"
content-length: 220890
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Wed, 20 Mar 2024 09:16:54 GMT
server: cloudflare
etag: "659d4-614140d3c215f"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343af0c373695-LHR
expires: Thu, 28 Mar 2024 03:47:14 GMT

GET
H2 200 2023-full-year-results-banner.jpg
www.haleon.com/content/dam/haleon/corporate/images/2023-Results/ 1 MB
1 MB 54ms
53ms Image
image/jpeg 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/2023-Results/2023-full-year-results-banner.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ed45b5ba91389fe8e225b04c2d3f874b7d6ea6862d2a03f51aeba8ef957a1f8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:14 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736032
cf-polished: origSize=1199766
content-length: 1106717
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Fri, 15 Mar 2024 20:13:03 GMT
server: cloudflare
etag: "124e96-613b8a2a24d38"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343af0c383695-LHR
expires: Thu, 28 Mar 2024 03:47:14 GMT

GET
H2 200 GettyImages-935268856%20(1).png
www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/ 184 KB
185 KB 118ms
117ms Image
image/webp 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/news/press-releases/GettyImages-935268856%20(1).png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5bfd04c03906f480c05e90683db4b4d4d13465b0e0a86d60ff3fa7e60af5b4f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:14 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 870
cf-polished: origFmt=png, origSize=262543
content-disposition: inline; filename="GettyImages-935268856%20(1).webp"
content-length: 188662
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Mon, 18 Mar 2024 00:59:27 GMT
server: cloudflare
etag: "4018f-613e4de86b278"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343af0c393695-LHR
expires: Thu, 28 Mar 2024 03:47:14 GMT

GET
H2 200 widget_app_base_1711549083010.js Show response
cdn.userway.org/widgetapp/2024-03-27-14-18-03/ 151 KB
43 KB 163ms
52ms Script
application/javascript 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-03-27-14-18-03/widget_app_base_1711549083010.js
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: cb6c3b6a3ff1ccda363c5e651d1bea25139e8b57d5f8f7d83acdf0d86b40324d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Mar 2024 23:47:14 GMT
via: 1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: PRG50-C1
age: 610
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 33314
x-accel-date: 1711549920
x-77-nzt: EgwB1GY4tAH3IoIAAAwBnJIhHwH3CgAAAA
x-accel-expires: @1737469910
x-77-age: 33324
last-modified: Wed, 27 Mar 2024 14:20:20 GMT
server: CDN77-Turbo
etag: W/"51d2a425f150bc76a0e300094062a826"
x-77-nzt-ray: 6d204d119bf9d75202b00466b39dce1f
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: ryIpyyFrYZo0L8J6gaXKdIXfd-qQg3N01tscOax53XlLA2W1VF2BFA==

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
2 KB 184ms
62ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter&family=Open+Sans:ital,wght@0,400;0,600;1,400&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62fc1befa1b254d0c4cffa16c912a004f4fe90f6c6175d681ab1bd3fa68164ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Mar 2024 23:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 22:31:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Mar 2024 23:47:14 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 149ms
54ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RBMJKH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 23:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Pg1MHDpg+UGdovxhidM4Kg==
age: 27487
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6839
x-ms-lease-status: unlocked
last-modified: Wed, 27 Mar 2024 08:59:21 GMT
server: cloudflare
etag: 0x8DC4E3C319418D9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2463efed-c01e-0042-6361-808003000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b343b0cd0c459f-LHR

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 212ms
76ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7e914f21e0e5e828bfbc92840b0b6884c691b18f1dfe7272803d0b98ae38ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 27 Mar 2024 23:47:14 GMT

GET
H2 200 haleon-logo-white.svg
www.haleon.com/content/experience-fragments/haleon/corporate/en/header/master/_jcr_content/root/container/container_481579621/image.coreimg.svg/1678803006119/ 1 KB
921 B 53ms
53ms Image
image/svg+xml 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/experience-fragments/haleon/corporate/en/header/master/_jcr_content/root/container/container_481579621/image.coreimg.svg/1678803006119/haleon-logo-white.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c8608382a2bf23d63e27c641b359c1852ccc3a10e9bc77b670dc1f61682f68e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:14 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
bsg-cdn: P
age: 109
content-encoding: br
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Sat, 16 Mar 2024 04:42:07 GMT
server: cloudflare
etag: W/"573-613bfbf2cd3f0"
x-frame-options: SAMEORIGIN
vary: Accept-encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86b343b08ded3695-LHR
expires: Thu, 28 Mar 2024 03:47:14 GMT

POST
H2 200 XJzryPgNCX Show response
api.userway.org/api/tunings/ 3 KB
3 KB 628ms
204ms XHR
application/json 2600:1f14:5db:eb00:9780:5190:bee5:ff3d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/XJzryPgNCX
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:9780:5190:bee5:ff3d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ed3301260dc61e165a18c4eee7f47d74278e34887ba632eccd2b6f59bf9a5bd7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 27 Mar 2024 23:47:15 GMT
etag: W/"a97-/NkqMNKYMnJa9f8rhJPQh5dJlks"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr07aeaee1967749a
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 2711
x-service-version: uw-pr

GET
H2 200 86714296-61df-485c-b4cf-db59eb2bc854.json Show response
cdn.cookielaw.org/consent/86714296-61df-485c-b4cf-db59eb2bc854/ 7 KB
3 KB 148ms
60ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/86714296-61df-485c-b4cf-db59eb2bc854/86714296-61df-485c-b4cf-db59eb2bc854.json

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b481c2efd92277050855295a03fb800210428215d453c3980706f4bee06c5dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 23:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 23204
content-md5: sMfrHJ5ttpexcWzabUlvaQ==
content-length: 2263
x-ms-lease-status: unlocked
last-modified: Fri, 16 Feb 2024 05:21:41 GMT
server: cloudflare
etag: 0x8DC2EAF285FF09F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1ae3b11d-301e-0056-2258-79c86c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b343b1ab8c957d-LHR
expires: Thu, 28 Mar 2024 23:47:14 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/9383995e/www-widgetapi.vflset/ 216 KB
67 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9383995e/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfc22aa61526b54bd655a11d628c6a6522c714fd355633936052ffb93368f397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 20:34:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68393
x-xss-protection: 0
last-modified: Tue, 26 Mar 2024 04:16:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Mar 2025 20:34:39 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 150ms
59ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept: application/json
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 86b343b2ac9663f3-LHR
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/ 430 KB
105 KB 58ms
58ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Requested by

Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6972c49e66fe3c5026a1a1e26a06c49995cec36fc522cb56461f5cf0b2b2978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 23:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ekgyiOgvSPjNzcyXVUS11Q==
age: 16883
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 106739
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:28 GMT
server: cloudflare
etag: 0x8DC3E996ED117D9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e31c6377-501e-009b-7f34-71f886000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b343b30f0a459f-LHR

GET
H2 200 en-gb.json Show response
cdn.cookielaw.org/consent/86714296-61df-485c-b4cf-db59eb2bc854/b157518f-6c0d-45cf-a053-0962722b36a6/ 39 KB
11 KB 59ms
59ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/86714296-61df-485c-b4cf-db59eb2bc854/b157518f-6c0d-45cf-a053-0962722b36a6/en-gb.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b383c0794fc2a42ef0783efc4cd58a63571427012088a97ccb6f02b840787dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 23:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 11143
content-md5: koxXIl8QnK2oCDF7nT5+5g==
content-length: 11492
x-ms-lease-status: unlocked
last-modified: Fri, 16 Feb 2024 05:21:53 GMT
server: cloudflare
etag: 0x8DC2EAF2FFC2366
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 78c124a8-f01e-0004-5e98-60b484000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b343b3bd18957d-LHR
expires: Thu, 28 Mar 2024 23:47:15 GMT

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 9 KB
3 KB 56ms
56ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 23:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Mxz2n732zKhkPcAbb+5oGw==
age: 62349
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2626
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:22 GMT
server: cloudflare
etag: 0x8DC3E996B0055CE
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ea9a1eac-801e-0098-6b21-7c19e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b343b43d6b957d-LHR

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/v2/ 64 KB
13 KB 54ms
53ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97844014791e7702e498af1b54139d615fc5a34f9b47cca8dd9d3cce6f645bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 23:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: aEtIrXgwjpx03r+FaEAJLg==
age: 16421
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12859
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:24 GMT
server: cloudflare
etag: 0x8DC3E996BF20BEA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 66ff0bf4-601e-0080-5e22-71c685000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b343b43d6d957d-LHR

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 21 KB
4 KB 57ms
56ms Fetch
text/css 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 23:47:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 72956
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 11:26:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 064b15a1-501e-0040-0a08-7c3ebb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86b343b43d6f957d-LHR

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
495 B 55ms
55ms Fetch
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 23:47:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 72955
x-ms-lease-status: unlocked
last-modified: Wed, 27 Mar 2024 02:02:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 692c172b-801e-0021-0ef7-7f1df8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86b343b4bdda957d-LHR

GET
H2 200 H_MasterLogo_Colour_POS_RGB.png
cdn.cookielaw.org/logos/9ff761e6-6f16-4e20-800d-92706b153697/e7bead89-bdc7-443b-b4b1-74280968cd3d/2a7d5473-083a-47e6-beed-8826155f6c36/ 42 KB
42 KB 53ms
53ms Image
image/png 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/9ff761e6-6f16-4e20-800d-92706b153697/e7bead89-bdc7-443b-b4b1-74280968cd3d/2a7d5473-083a-47e6-beed-8826155f6c36/H_MasterLogo_Colour_POS_RGB.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

018cee6ac241a5e262e35942ccec440bbb2569e5803daa3a343fb54bfe8de430

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 23:47:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7Ok5iE8jMm9KWC/rBPPnJw==
age: 26958
content-length: 42731
x-ms-lease-status: unlocked
last-modified: Fri, 09 Feb 2024 15:44:07 GMT
server: cloudflare
etag: 0x8DC2985F36ED1EA
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 10ffdac3-601e-0074-554e-790d73000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b343b4d892459f-LHR

GET
H2 200 H_MasterLogo_Colour_POS_RGB.png
cdn.cookielaw.org/logos/9ff761e6-6f16-4e20-800d-92706b153697/a491b493-d0bc-4083-acf4-66d6d41b21d9/106ce14a-0504-4c7a-b522-a737945b0f6e/ 42 KB
42 KB 57ms
57ms Image
image/png 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/9ff761e6-6f16-4e20-800d-92706b153697/a491b493-d0bc-4083-acf4-66d6d41b21d9/106ce14a-0504-4c7a-b522-a737945b0f6e/H_MasterLogo_Colour_POS_RGB.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8be25d59bdcd4bd764cf192496bfebcd529b56767994aca8093717dc4b79e306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 23:47:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: nNAGf+eQ9T8Sg4dRXg/voQ==
age: 73364
content-length: 42768
x-ms-lease-status: unlocked
last-modified: Wed, 18 May 2022 16:32:05 GMT
server: cloudflare
etag: 0x8DA38EBF1BB494C
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 144c0150-301e-0024-4508-7ccf23000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86b343b4d893459f-LHR

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 56ms
56ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Mar 2024 23:47:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 16886
x-ms-lease-status: unlocked
last-modified: Wed, 27 Mar 2024 08:59:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 06e4b66f-501e-0040-4b79-803ebb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 86b343b4d895459f-LHR

GET
H2 200 en-GB.json Show response
cdn.userway.org/widgetapp/2024-03-27-14-18-03/locales/ 621 B
1004 B 54ms
54ms XHR
application/json 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-03-27-14-18-03/locales/en-GB.json
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Mar 2024 23:47:15 GMT
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: PRG50-C1
age: 608
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 33063
x-accel-date: 1711550172
x-77-nzt: EgwB1GY4tAH3J4EAAAwBnJIhJwH3BQEAAA
x-accel-expires: @1737469911
x-77-age: 33324
last-modified: Wed, 27 Mar 2024 14:20:19 GMT
server: CDN77-Turbo
etag: W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray: 6d204d119bf9d75203b00466312a5914
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: RO2kd-m_AlUfamGleMkFByNQE9BNyexjSvbkqp7IE2RGta_P7USTig==

GET
H2 200 remediation_1711549083010.js Show response
cdn.userway.org/widgetapp/2024-03-27-14-18-03/remediation/ 107 KB
29 KB 84ms
83ms Script
application/javascript 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-03-27-14-18-03/remediation/remediation_1711549083010.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-27-14-18-03/widget_app_base_1711549083010.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5f9e45b458d785f20f91638974a6966f3024f2ff3cdb61f5d2eae45d4abc4ded

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Mar 2024 23:47:15 GMT
via: 1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: PRG50-C1
age: 588
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 33312
x-accel-date: 1711549923
x-77-nzt: EgwB1GY4tAH3IIIAAAwBnJIhHwH3DQAAAA
x-accel-expires: @1737469910
x-77-age: 33325
last-modified: Wed, 27 Mar 2024 14:20:20 GMT
server: CDN77-Turbo
etag: W/"40babe8e747a141b1e591abeb40e10fb"
x-77-nzt-ray: 6d204d119bf9d75203b00466164f5932
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: MT4xOzpibqOTnhJ62A5Dda-4-Nxbqpw28mdcj0JTwjt7Pz55-GPCcA==

GET
H2 200 8cJZeEFbQ1noQLBV.json Show response
cdn.userway.org/remediations/consolidated/1976382/ 245 KB
29 KB 62ms
62ms XHR
application/json 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/1976382/8cJZeEFbQ1noQLBV.json
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1ab5059c8e4bebd6700264573e18cd0524d2e216d377beeb2301730ed7b4b18d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Mar 2024 23:47:15 GMT
via: 1.1 93e77bd122e2a2b3ec02228d81a35184.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 17952
x-accel-date: 1711565283
x-77-nzt: EgwB1GY4tAH3IEYAAAwB1GY4EQH3SCIAAA
x-accel-expires: @1743092507
x-77-age: 26728
last-modified: Wed, 27 Mar 2024 16:21:30 GMT
server: CDN77-Turbo
etag: W/"6ec78f4521e42adf08b3bfe2aab35fb8"
x-77-nzt-ray: 6d204d119bf9d75203b00466e6294c32
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: WuzZVzkFX6vKVDIr7N_cXalGCIrY-HtMLsmyTIOMJeH-tRXmOrZgug==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 57ms
56ms Image
image/svg+xml 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Mar 2024 23:47:15 GMT
via: 1.1 67a9db8bae62321fca21cfd1c50bec56.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 4
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 33316
x-accel-date: 1711549919
x-77-nzt: EgwB1GY4tAH3JIIAAAwB1GY4EQH3EAAAAA
x-accel-expires: @1737469903
x-77-age: 33332
last-modified: Fri, 22 Mar 2024 12:49:37 GMT
server: CDN77-Turbo
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray: 6d204d117d1f485103b0046623a87435
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: 8pwl992_bIIUorsjeAo1h1oQNvi_7kSlAQKAuQYwNnZGFIe0FOtmbg==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 58ms
57ms Image
image/svg+xml 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Mar 2024 23:47:15 GMT
via: 1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 15
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 33316
x-accel-date: 1711549919
x-77-nzt: EgwB1GY4tAH3JIIAAAwBJRPCLgH3BQAAAA
x-accel-expires: @1737469914
x-77-age: 33321
last-modified: Fri, 22 Mar 2024 12:49:37 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: 6d204d117d1f485103b0046671097b35
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: da8bPHaS2mHBJWLdo3QvyGlnXWGu2FirP5aZRZ32ot5s9qWMEr96nA==

GET
H2 200 remediation-tool.js Show response
cdn.userway.org/remediation/paid/ 55 KB
20 KB 60ms
60ms Script
application/javascript 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1711549083010
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-27-14-18-03/widget_app_base_1711549083010.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7c991a686b9c996471f42a4b5755493e4c738e4d011acdd70ad8125dbd5807bb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Mar 2024 23:47:15 GMT
via: 1.1 965181b6d91907befd5a0165af38daf0.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 583
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 33312
x-accel-date: 1711549923
x-77-nzt: EgwB1GY4tAH3IIIAAAwBJRPCMQH3EQAAAA
x-accel-expires: @1737469906
x-77-age: 33329
last-modified: Wed, 27 Mar 2024 14:20:25 GMT
server: CDN77-Turbo
etag: W/"9013bc12d7d716821f22cc6dd2166b2c"
x-77-nzt-ray: 6d204d119bf9d75203b00466a6010b38
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: 4ritg9s6fpHVBDHbc29HbuYrNEPoXm6LPxBXRbAKg3crdqFT0JW13g==

GET
H2 200 8cJZeEFbQ1noQLBV.json Show response
cdn.userway.org/remediations/consolidated/1976382/ 245 KB
29 KB 60ms
60ms Fetch
application/json 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/1976382/8cJZeEFbQ1noQLBV.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1711549083010
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1ab5059c8e4bebd6700264573e18cd0524d2e216d377beeb2301730ed7b4b18d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Mar 2024 23:47:16 GMT
via: 1.1 93e77bd122e2a2b3ec02228d81a35184.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 17953
x-accel-date: 1711565283
x-77-nzt: EgwB1GY4tAH3IUYAAAwB1GY4EQH3SCIAAA
x-accel-expires: @1743092507
x-77-age: 26729
last-modified: Wed, 27 Mar 2024 16:21:30 GMT
server: CDN77-Turbo
etag: W/"6ec78f4521e42adf08b3bfe2aab35fb8"
x-77-nzt-ray: 6d204d119bf9d75204b00466f5b68f00
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: WuzZVzkFX6vKVDIr7N_cXalGCIrY-HtMLsmyTIOMJeH-tRXmOrZgug==

GET
H2 200 1976382 Show response
api.userway.org/api/br-links/v0/contribute/ 51 B
429 B 222ms
217ms Fetch
application/json 2600:1f14:5db:eb00:9780:5190:bee5:ff3d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/contribute/1976382
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1711549083010
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:9780:5190:bee5:ff3d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:16 GMT
etag: W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 51
x-service-version: apps-ddb67952

GET
H2 200 1976382 Show response
api.userway.org/api/br-links/v0/links/ 4 KB
1 KB 207ms
202ms Fetch
application/json 2600:1f14:5db:eb00:9780:5190:bee5:ff3d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links/1976382
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1711549083010
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:9780:5190:bee5:ff3d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4183e7910f155bb413b00d23dd31f292e4e23fd28a35823628d3f10a756ecc10

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:16 GMT
content-encoding: gzip
etag: W/"1174-mo52E/i9IZaRXI+1fvysgxqJpig"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=300, public
vary: Accept-Encoding
access-control-allow-headers: *
x-service-version: apps-ddb67952

GET
H2 200 magazine-teaser-tums.png
www.haleon.com/content/dam/haleon/corporate/images/2023-updates/ 303 KB
305 KB 60ms
55ms Image
image/webp 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/2023-updates/magazine-teaser-tums.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f15b6db1ad91ea5dc83908754895bb3ccc4f378a5401df093ea835fb6c55a421

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:16 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 325
cf-polished: origFmt=png, origSize=589307
content-disposition: inline; filename="magazine-teaser-tums.webp"
content-length: 309916
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Fri, 15 Mar 2024 20:13:01 GMT
server: cloudflare
etag: "8fdfb-613b8a2828a1d"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343bcb86f3695-LHR
expires: Thu, 28 Mar 2024 03:47:16 GMT

GET
H2 200 women-in-science-banner.png
www.haleon.com/content/dam/haleon/corporate/images/2023-updates/ 405 KB
406 KB 75ms
70ms Image
image/webp 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/2023-updates/women-in-science-banner.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a45370e10c22f0e914afd10eec5260170e6867d3114dc8aaee3f300b3ad84247

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:16 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 672
cf-polished: origFmt=png, origSize=929927
content-disposition: inline; filename="women-in-science-banner.webp"
content-length: 414860
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Fri, 15 Mar 2024 20:13:04 GMT
server: cloudflare
etag: "e3087-613b8a2b21453"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343bcb8723695-LHR
expires: Thu, 28 Mar 2024 03:47:16 GMT

GET
H2 200 magazine-teaser-china-top-employer.png
www.haleon.com/content/dam/haleon/corporate/images/2023-updates/ 521 KB
522 KB 58ms
53ms Image
image/webp 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/2023-updates/magazine-teaser-china-top-employer.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

406c457e3a812797cac0e9d97dfff751fff346febda5e13167cc71445cadec0a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:16 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 698
cf-polished: origFmt=png, origSize=1063403
content-disposition: inline; filename="magazine-teaser-china-top-employer.webp"
content-length: 533596
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 04:42:10 GMT
server: cloudflare
etag: "1039eb-613bfbf5c505c"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343bcb8743695-LHR
expires: Thu, 28 Mar 2024 03:47:16 GMT

GET
H2 200 test-event-image.jpeg
www.haleon.com/content/dam/haleon/corporate/images/test-images/ 103 KB
105 KB 70ms
66ms Image
image/jpeg 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/test-images/test-event-image.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

beb2a94a1262e0d7dea7af172f61c670e0faefea862a2b7ce2b8a6e61046fa44

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:16 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 736020
cf-polished: origSize=120456
content-length: 105666
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Fri, 15 Mar 2024 20:13:04 GMT
server: cloudflare
etag: "1d688-613b8a2b223f4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343bcb8763695-LHR
expires: Thu, 28 Mar 2024 03:47:16 GMT

GET
H2 200 Annual-Report-2023-cover.png
www.haleon.com/content/dam/haleon/corporate/images/2023-updates/ 209 KB
211 KB 70ms
66ms Image
image/webp 2606:4700::6812:1256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haleon.com/content/dam/haleon/corporate/images/2023-updates/Annual-Report-2023-cover.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cbb44227add7c197e0105dfc75c2273e659f01ca4b2a9b85eb97e0a68649651

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:16 GMT
content-security-policy: upgrade-insecure-requests; default-src 'self'; connect-src 'self' *.linkedin.com *.google.com *.cloudfront.net analytics.videomyjob.com *.googlesyndication.com *.websitecarbon.com *.onetrust.com *.userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com *.cookielaw.org https://stats.g.doubleclick.net *.google-analytics.com *.analytics.google.com *.googletagmanager.com ; font-src 'self' data: *.userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudfront.net https://static.cloudflareinsights.com *.websitecarbon.com *.userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com *.cookielaw.org https://unpkg.com *.addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' *.userway.org *.haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' *.googlesyndication.com data: *.doubleclick.net *.linkedin.com *.userway.org https://a-cf65.ch-static.com https://*.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org *.addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://*.soundcloud.com *.cloudfront.net *.doubleclick.net https://www.googletagmanager.com/ *.investis.com https://www.connectidfeed.com *.userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com *.eurolandir.com *.euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
bsg-cdn: P
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 292
cf-polished: origFmt=png, origSize=378256
content-disposition: inline; filename="Annual-Report-2023-cover.webp"
content-length: 213644
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 04:42:10 GMT
server: cloudflare
etag: "5c590-613bfbf5ac939"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86b343bcb8773695-LHR
expires: Thu, 28 Mar 2024 03:47:16 GMT

GET
H2 200 432410939_428610816499661_8641720959605635824_n.jpg
scontent-lhr8-2.cdninstagram.com/v/t51.29350-15/ 122 KB
122 KB 288ms
189ms Image
image/jpeg 2a03:2880:f258:1ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lhr8-2.cdninstagram.com/v/t51.29350-15/432410939_428610816499661_8641720959605635824_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=18de74&_nc_ohc=T3cTymMq9Q4AX_zKmJB&_nc_ht=scontent-lhr8-2.cdninstagram.com&edm=AEQ6tj4EAAAA&oh=00_AfANtOptSulWhvMb1I9aSDUqAr5ELyB2ffC6972xWiDpmA&oe=6609E7A8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f258:1ca:face:b00c:0:43fe London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: da1ccdfc946a623e33bc55fa3db9fdff0a96059225e428f1b657a85428a75451

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=12, mss=1294, tbw=88655, tp=-1, tpl=-1, uplat=3, ullat=-1
date: Wed, 27 Mar 2024 23:47:16 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 13 Mar 2024 17:22:42 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=346579736
thrift_fmhk: GBCR9EkHhbkRbsA0dd98QGf8Feq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 346579736
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 124548

GET
H2 200 432384176_1166701077869914_1409792586956626108_n.jpg
scontent-lhr8-2.cdninstagram.com/v/t51.29350-15/ 75 KB
76 KB 287ms
189ms Image
image/jpeg 2a03:2880:f258:1ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lhr8-2.cdninstagram.com/v/t51.29350-15/432384176_1166701077869914_1409792586956626108_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=18de74&_nc_ohc=YbbL2biYFCoAX_DNbaT&_nc_ht=scontent-lhr8-2.cdninstagram.com&edm=AEQ6tj4EAAAA&oh=00_AfClNg3Oqf6HMYrECz9nk4EpYJFQFPdu0_qeEQND8UUZdA&oe=660A2025
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f258:1ca:face:b00c:0:43fe London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b41d203adf5b542430342383d72f5fbcc6043812bf9d42d4ac857a2a05d223c8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=12, mss=1294, tbw=88655, tp=-1, tpl=-1, uplat=2, ullat=-1
date: Wed, 27 Mar 2024 23:47:16 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 11 Mar 2024 10:10:34 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2179978163
thrift_fmhk: GBDQBJlxcpd6jSfbo/nuAa+2Feq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2179978163
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 77117

GET
H2 200 431783273_1073022140620212_2455091634654064060_n.jpg
scontent-lhr8-2.cdninstagram.com/v/t51.29350-15/ 417 KB
417 KB 287ms
189ms Image
image/jpeg 2a03:2880:f258:1ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lhr8-2.cdninstagram.com/v/t51.29350-15/431783273_1073022140620212_2455091634654064060_n.jpg?_nc_cat=111&ccb=1-7&_nc_sid=18de74&_nc_ohc=g_UkojL1yEAAX_NYCB1&_nc_ht=scontent-lhr8-2.cdninstagram.com&edm=AEQ6tj4EAAAA&oh=00_AfAN29xb4K-A4PGF66-u7NOBmazVALlm_zC75ukPmSA1cg&oe=6608D1EC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f258:1ca:face:b00c:0:43fe London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 669082e79d708e0105da35a07a214703054303ccb7da6385dd780255f6665923

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=12, mss=1294, tbw=88655, tp=-1, tpl=-1, uplat=2, ullat=-1
date: Wed, 27 Mar 2024 23:47:16 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 08 Mar 2024 06:22:07 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=4003254296
thrift_fmhk: GBCWCzrEmNRxB5Sn2B5W7RU+Feq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4003254296
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 426754

GET
H2 200 434236723_3726848487533862_5041134641795960806_n.jpg
scontent-lhr8-2.cdninstagram.com/v/t51.29350-15/ 54 KB
54 KB 142ms
45ms Image
image/jpeg 2a03:2880:f258:1ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lhr8-2.cdninstagram.com/v/t51.29350-15/434236723_3726848487533862_5041134641795960806_n.jpg?_nc_cat=101&ccb=1-7&_nc_sid=18de74&_nc_ohc=Ek7v9vYNwJYAX_gdKEj&_nc_ht=scontent-lhr8-2.cdninstagram.com&edm=AEQ6tj4EAAAA&oh=00_AfDKyGumLVLqQYpj2yaEzubD3Lxr8vn4x4XxImafgHJ4DA&oe=66099F95
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f258:1ca:face:b00c:0:43fe London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 147f8632c08ca673ab82cd0c067e2e472f0845572c68d10b1b304bb88a60fb1c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=12, mss=1294, tbw=2850, tp=-1, tpl=-1, uplat=2, ullat=-1
date: Wed, 27 Mar 2024 23:47:16 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 24 Mar 2024 10:05:56 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=638137810
thrift_fmhk: GBBZ3xeO3JR7w1kvwYjqVrNyFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 638137810
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 54919

GET
H2 200 434124243_398346476238319_3400092502981304989_n.jpg
scontent-lhr8-2.cdninstagram.com/v/t51.29350-15/ 29 KB
29 KB 142ms
45ms Image
image/jpeg 2a03:2880:f258:1ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lhr8-2.cdninstagram.com/v/t51.29350-15/434124243_398346476238319_3400092502981304989_n.jpg?_nc_cat=102&ccb=1-7&_nc_sid=18de74&_nc_ohc=XtZ4m88fjYMAX82PGnZ&_nc_ht=scontent-lhr8-2.cdninstagram.com&edm=AEQ6tj4EAAAA&oh=00_AfCzWajp0oeycv7mBacmITa00eSp-mcZLo6saBEesIywfw&oe=6609E0C0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f258:1ca:face:b00c:0:43fe London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 98511514906e1a39954943f4170d2794db6733cb646266c141f0ce9d451efb4d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=12, mss=1294, tbw=3283, tp=-1, tpl=-1, uplat=2, ullat=-1
date: Wed, 27 Mar 2024 23:47:16 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 21 Mar 2024 08:43:34 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3211334727
thrift_fmhk: GBA6ah6GjuTB+PYMMFZP8K5eFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3211334727
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 29482

GET
H2 200 434054048_2119092221805040_6258947332157425476_n.jpg
scontent-lhr8-2.cdninstagram.com/v/t51.29350-15/ 52 KB
52 KB 142ms
45ms Image
image/jpeg 2a03:2880:f258:1ca:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-lhr8-2.cdninstagram.com/v/t51.29350-15/434054048_2119092221805040_6258947332157425476_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=18de74&_nc_ohc=cPZZtHQJjv8AX_hpzwj&_nc_ht=scontent-lhr8-2.cdninstagram.com&edm=AEQ6tj4EAAAA&oh=00_AfBS2MpGWyHRRN9u47mENVadVh256K8vykGDlBhUf71Rvw&oe=6609CD8E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f258:1ca:face:b00c:0:43fe London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 57c3bda54fd53779dad57c11344af5532c20af7af927969ed0055c19ca7487b3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=12, mss=1294, tbw=3283, tp=-1, tpl=-1, uplat=2, ullat=-1
date: Wed, 27 Mar 2024 23:47:16 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 19 Mar 2024 13:34:31 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1613249885
thrift_fmhk: GBCI3oiK04kupZcKXfKIEWpCFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1613249885
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 52953

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/dYlaOVvpP84/ 27 KB
27 KB 190ms
53ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/dYlaOVvpP84/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

970ad1adee2547d008a1b3ca7c998eac63e4d1874920fd8b4a13416ae8c7f6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 22:57:36 GMT
x-content-type-options: nosniff
age: 2980
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27680
x-xss-protection: 0
server: sffe
etag: "1709283564"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Mar 2024 00:57:36 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/wRogwerCDSA/ 10 KB
11 KB 263ms
127ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/wRogwerCDSA/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c395c94d5c9e96b30e6bb4c6f7e0125a3feb937874e50935b0d2833273508a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:16 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10712
x-xss-protection: 0
server: sffe
etag: "1709283733"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Mar 2024 01:47:16 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/WEtayA4k-kw/ 12 KB
12 KB 277ms
141ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/WEtayA4k-kw/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2167800fae1efbca5b798bb2b2e3b6fb7f2947fda67e434d1f81aac6724c97a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:16 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12340
x-xss-protection: 0
server: sffe
etag: "1709283793"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Mar 2024 01:47:16 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/kOn8rHmTlZU/ 13 KB
13 KB 247ms
111ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/kOn8rHmTlZU/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56af7083e19fdafa0ebd91ece999611bb4c34815b6f208006edab16403e5924b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 22:31:34 GMT
x-content-type-options: nosniff
age: 4542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13712
x-xss-protection: 0
server: sffe
etag: "1709283208"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Mar 2024 00:31:34 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/AI02C_qbbig/ 15 KB
15 KB 133ms
133ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/AI02C_qbbig/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d71f8cb950b450832fc495f95f8de00cc94135b97fb2af1007ba6723baf8a9a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:47:16 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15555
x-xss-protection: 0
server: sffe
etag: "1709283169"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Mar 2024 01:47:16 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/PkrUsQhSVlA/ 14 KB
14 KB 124ms
124ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/PkrUsQhSVlA/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6bf2a71c8cea4d7f4caaec5a5f16207b6c9d5b0832dfb0e6fb16f67bd490c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 22:31:34 GMT
x-content-type-options: nosniff
age: 4542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14302
x-xss-protection: 0
server: sffe
etag: "1709283115"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 28 Mar 2024 00:31:34 GMT

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/XJzryPgNCX/1976382/L1g1aW8HVyZNMIz7/ 371 B
867 B 59ms
58ms Fetch
application/json 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/XJzryPgNCX/1976382/L1g1aW8HVyZNMIz7/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fexperience-fragments%2Fhaleon%2Fcorporate%2Fen%2Fheader%2Fmaster%2F_jcr_content%2Froot%2Fcontainer%2Fcontainer_481579621%2Fimage.coreimg.svg%2F1678803006119%2Fhaleon-logo-white.svg%22%2C%22alt%22%3A%22Logo%20of%20Haleon%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1711549083010
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7c4036760c79d863770cac5b3c9f8de968d4d744c22ad2ca0f1219e12780061a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Mar 2024 23:47:16 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: HIT
x-age: 48869
x-accel-date: 1711534367
x-service-version: img-dscr-srv-8d5b377c
x-77-nzt: EgwBnJIhiwH35b4AAAwBnJIhJwH3GDwAAA
x-accel-expires: @1712123783
x-77-age: 64253
server: CDN77-Turbo
etag: W/"173-k5angqbOHWt4m+F7rJgliwKpTk4"
x-77-nzt-ray: cf8787276d73ce7804b00466a6b05b39
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
access-control-allow-headers: *

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/XJzryPgNCX/1976382/L1g1aW8HVyZNMIz7/ Frame 0
0 363ms
210ms Preflight 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/XJzryPgNCX/1976382/L1g1aW8HVyZNMIz7/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fexperience-fragments%2Fhaleon%2Fcorporate%2Fen%2Fheader%2Fmaster%2F_jcr_content%2Froot%2Fcontainer%2Fcontainer_481579621%2Fimage.coreimg.svg%2F1678803006119%2Fhaleon-logo-white.svg%22%2C%22alt%22%3A%22Logo%20of%20Haleon%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.haleon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Wed, 27 Mar 2024 23:47:16 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBnJIhiwAACAGckiEnAAA
x-77-nzt-ray: cf8787276d73ce7804b00466e552d42c
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-8d5b377c

OPTIONS
H2 200 pdf-links
api.userway.org/api/br-links/v0/ Frame 0
0 201ms
201ms Preflight 2600:1f14:5db:eb00:9780:5190:bee5:ff3d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/pdf-links
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:9780:5190:bee5:ff3d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.haleon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: no-cache, no-store, must-revalidate
date: Wed, 27 Mar 2024 23:47:17 GMT
x-service-version: apps-ddb67952

GET
H2 200 slick_slider_1711549083010.js Show response
cdn.userway.org/widgetapp/2024-03-27-14-18-03/remediation/ 6 KB
2 KB 54ms
52ms Script
application/javascript 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-03-27-14-18-03/remediation/slick_slider_1711549083010.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-27-14-18-03/widget_app_base_1711549083010.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e6e4a7de37605c0ab2f9413bad0c6bcab0afb5746a94244d524b5814f59b1c33

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Mar 2024 23:47:16 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 566
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 33305
x-accel-date: 1711549931
x-77-nzt: EgwB1GY4tAH3GYIAAAwBisclxAH3GAAAAA
x-accel-expires: @1737469907
x-77-age: 33329
last-modified: Wed, 27 Mar 2024 14:20:20 GMT
server: CDN77-Turbo
etag: W/"0237d2966cb44b857afab3715fe6fc5f"
x-77-nzt-ray: 6d204d119bf9d75204b004667be83d38
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: Syjz-1WSpJXLoDCToRgdzXZQAnjtfP3uFcevVs_pE5dCMGvLrL_tKQ==

GET
H2 200 nav_menu_helper_1711549083010.js Show response
cdn.userway.org/widgetapp/2024-03-27-14-18-03/remediation/ 23 KB
7 KB 57ms
56ms Script
application/javascript 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-03-27-14-18-03/remediation/nav_menu_helper_1711549083010.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-03-27-14-18-03/widget_app_base_1711549083010.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 37f8550406bebf8003ec760c4c81fbe861e3d38a5bbbd069ae9d60358710f038

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.haleon.com/
Origin: https://www.haleon.com
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Mar 2024 23:47:16 GMT
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 579
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 33311
x-accel-date: 1711549925
x-77-nzt: EgwB1GY4tAH3H4IAAAwBisclxAH3FQAAAA
x-accel-expires: @1737469904
x-77-age: 33332
last-modified: Wed, 27 Mar 2024 14:20:20 GMT
server: CDN77-Turbo
etag: W/"f270f813f648a284d50fe8f345c21bdc"
x-77-nzt-ray: 6d204d119bf9d75204b004665c784538
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: R_wn5s5-ns1uTevRuP7Sj8_Pk6yOlwr5KkXvsHyV8r2This9O66J3A==

POST
H2 200 pdf-links Show response
api.userway.org/api/br-links/v0/ 20 B
397 B 207ms
207ms XHR
application/json 2600:1f14:5db:eb00:9780:5190:bee5:ff3d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/pdf-links
Requested by: Host: www.haleon.com
URL: https://www.haleon.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.652a558c3774088b61b0530c184710d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb00:9780:5190:bee5:ff3d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 61260bce94f129e8f85e6a5dcc4c4fb8bc1846bae8e5f8ae0484dd4e6fe5b71c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 27 Mar 2024 23:47:17 GMT
etag: W/"14-I+eLc34uO7lHPE89U9ERUA48pFo"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 20
x-service-version: apps-ddb67952

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/XJzryPgNCX/1976382/L1g1aW8HVyZNMIz7/ Frame 0
0 217ms
217ms Preflight 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/XJzryPgNCX/1976382/L1g1aW8HVyZNMIz7/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fcdn.cookielaw.org%2Flogos%2F9ff761e6-6f16-4e20-800d-92706b153697%2Fa491b493-d0bc-4083-acf4-66d6d41b21d9%2F106ce14a-0504-4c7a-b522-a737945b0f6e%2FH_MasterLogo_Colour_POS_RGB.png%22%2C%22alt%22%3A%22Company%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fcdn.cookielaw.org%2Flogos%2F9ff761e6-6f16-4e20-800d-92706b153697%2Fe7bead89-bdc7-443b-b4b1-74280968cd3d%2F2a7d5473-083a-47e6-beed-8826155f6c36%2FH_MasterLogo_Colour_POS_RGB.png%22%2C%22alt%22%3A%22Company%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fcdn.cookielaw.org%2Flogos%2Fstatic%2Fpowered_by_logo.svg%22%2C%22alt%22%3A%22Powered%20by%20Onetrust%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fi.ytimg.com%2Fvi%2FAI02C_qbbig%2Fhqdefault.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fi.ytimg.com%2Fvi%2FdYlaOVvpP84%2Fhqdefault.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fi.ytimg.com%2Fvi%2FkOn8rHmTlZU%2Fhqdefault.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fi.ytimg.com%2Fvi%2FPkrUsQhSVlA%2Fhqdefault.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fi.ytimg.com%2Fvi%2FWEtayA4k-kw%2Fhqdefault.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fi.ytimg.com%2Fvi%2FwRogwerCDSA%2Fhqdefault.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.29350-15%2F431783273_1073022140620212_2455091634654064060_n.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.29350-15%2F432384176_1166701077869914_1409792586956626108_n.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.29350-15%2F432410939_428610816499661_8641720959605635824_n.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.29350-15%2F434054048_2119092221805040_6258947332157425476_n.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.29350-15%2F434124243_398346476238319_3400092502981304989_n.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.29350-15%2F434236723_3726848487533862_5041134641795960806_n.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2F2023-Results%2F2023-full-year-results-banner.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2F2023-updates%2FAnnual-Report-2023-cover.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2F2023-updates%2Fmagazine-teaser-china-top-employer.png%22%2C%22alt%22%3A%22China%20Top%20Employer%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2F2023-updates%2Fmagazine-teaser-tums.png%22%2C%22alt%22%3A%22TUMS%20Bags%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2F2023-updates%2Fwomen-in-science-banner.png%22%2C%22alt%22%3A%22Women%20in%20science%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Fnews%2Fpress-releases%2FGettyImages-935268856%2520(1).png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Fnews%2Fpress-releases%2Fworld-oral-health-day-banner.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Ftest-images%2Ftest-event-image.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.haleon.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Wed, 27 Mar 2024 23:47:18 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBnJIhiwAACAElE8I0AAA
x-77-nzt-ray: cf8787276d73ce7806b00466bf701e01
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-8d5b377c

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/XJzryPgNCX/1976382/L1g1aW8HVyZNMIz7/ 5 KB
2 KB 57ms
56ms Fetch
application/json 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/XJzryPgNCX/1976382/L1g1aW8HVyZNMIz7/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fcdn.cookielaw.org%2Flogos%2F9ff761e6-6f16-4e20-800d-92706b153697%2Fa491b493-d0bc-4083-acf4-66d6d41b21d9%2F106ce14a-0504-4c7a-b522-a737945b0f6e%2FH_MasterLogo_Colour_POS_RGB.png%22%2C%22alt%22%3A%22Company%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fcdn.cookielaw.org%2Flogos%2F9ff761e6-6f16-4e20-800d-92706b153697%2Fe7bead89-bdc7-443b-b4b1-74280968cd3d%2F2a7d5473-083a-47e6-beed-8826155f6c36%2FH_MasterLogo_Colour_POS_RGB.png%22%2C%22alt%22%3A%22Company%20Logo%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fcdn.cookielaw.org%2Flogos%2Fstatic%2Fpowered_by_logo.svg%22%2C%22alt%22%3A%22Powered%20by%20Onetrust%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fi.ytimg.com%2Fvi%2FAI02C_qbbig%2Fhqdefault.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fi.ytimg.com%2Fvi%2FdYlaOVvpP84%2Fhqdefault.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fi.ytimg.com%2Fvi%2FkOn8rHmTlZU%2Fhqdefault.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fi.ytimg.com%2Fvi%2FPkrUsQhSVlA%2Fhqdefault.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fi.ytimg.com%2Fvi%2FWEtayA4k-kw%2Fhqdefault.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fi.ytimg.com%2Fvi%2FwRogwerCDSA%2Fhqdefault.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.29350-15%2F431783273_1073022140620212_2455091634654064060_n.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.29350-15%2F432384176_1166701077869914_1409792586956626108_n.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.29350-15%2F432410939_428610816499661_8641720959605635824_n.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.29350-15%2F434054048_2119092221805040_6258947332157425476_n.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.29350-15%2F434124243_398346476238319_3400092502981304989_n.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fscontent-lhr8-2.cdninstagram.com%2Fv%2Ft51.29350-15%2F434236723_3726848487533862_5041134641795960806_n.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2F2023-Results%2F2023-full-year-results-banner.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2F2023-updates%2FAnnual-Report-2023-cover.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2F2023-updates%2Fmagazine-teaser-china-top-employer.png%22%2C%22alt%22%3A%22China%20Top%20Employer%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2F2023-updates%2Fmagazine-teaser-tums.png%22%2C%22alt%22%3A%22TUMS%20Bags%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2F2023-updates%2Fwomen-in-science-banner.png%22%2C%22alt%22%3A%22Women%20in%20science%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Fnews%2Fpress-releases%2FGettyImages-935268856%2520(1).png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Fnews%2Fpress-releases%2Fworld-oral-health-day-banner.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fwww.haleon.com%2Fcontent%2Fdam%2Fhaleon%2Fcorporate%2Fimages%2Ftest-images%2Ftest-event-image.jpeg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1711549083010
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 468bfe093e013921f7cad4b8ce98964e546aade2c1be22d13cc54092390c8494

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.haleon.com/
accept-language: en-GB,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Wed, 27 Mar 2024 23:47:18 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1711578073
x-service-version: img-dscr-srv-8d5b377c
x-77-nzt: EggBnJIhiwFBDAElE8I0AfctFAAA
x-accel-expires: @1712182873
x-77-age: 5165
server: CDN77-Turbo
etag: W/"1431-WM8hNqKCx7PDJ/s/G8lUe01LcEc"
x-77-nzt-ray: cf8787276d73ce7806b0046673b5040e
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
access-control-allow-headers: *

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
irs.tools.investis.com/	1970-01-20 19:36:28	Name: AWSALBCORS Value: ECl6q1FaF2in6Xk7IatEZTRzK1krLNfj8K9GRaHZFB38jLLuSmBX2ZWXuLnwOUl4ffAk7rgYmQ6jqV47PFbWWzWGaT9k0NSorCx4oRt+56ZS02Efoz0lVfSPyCLz
www.haleon.com/	1970-01-20 19:26:25	Name: gtm_session_start Value: 1711583234569
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: sKcGhLi09IQ
.youtube.com/	1970-01-20 23:45:35	Name: VISITOR_INFO1_LIVE Value: AlkPnoqlroQ
.youtube.com/	1970-01-20 23:45:35	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgNA%3D%3D
.haleon.com/	1970-01-21 04:11:59	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Mar+27+2024+23%3A47%3A15+GMT%2B0000+(Greenwich+Mean+Time)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=7d2125ef-02c5-4668-82c5-68e0f3a03500&interactionCount=0&landingPath=https%3A%2F%2Fwww.haleon.com%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.haleon.com/(Line 20) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.haleon.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.haleon.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.haleon.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.haleon.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.haleon.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.haleon.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.haleon.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.haleon.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.haleon.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.haleon.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.haleon.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.haleon.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self'; connect-src 'self' .linkedin.com .google.com .cloudfront.net analytics.videomyjob.com .googlesyndication.com .websitecarbon.com .onetrust.com .userway.org https://cdn.linkedin.oribi.io https://api.websitecarbon.com .cookielaw.org https://stats.g.doubleclick.net .google-analytics.com .analytics.google.com .googletagmanager.com ; font-src 'self' data: .userway.org https://fonts.gstatic.com; media-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .cloudfront.net https://static.cloudflareinsights.com .websitecarbon.com .userway.org https://googleads.g.doubleclick.net https://snap.licdn.com https://connect.facebook.net https://static.ads-twitter.com https://app.bowencraggs.com .cookielaw.org https://unpkg.com .addevent.com https://www.youtube.com https://www.youtube-nocookie.com https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google.com https://www.gstatic.com ; style-src 'self' 'unsafe-inline' .userway.org .haleon.com https://cloud.typography.com https://fonts.googleapis.com; img-src 'self' .googlesyndication.com data: .doubleclick.net .linkedin.com .userway.org https://a-cf65.ch-static.com https://.cdninstagram.com https://i.ytimg.com https://analytics.twitter.com https://www.facebook.com https://t.co https://px.ads.linkedin.com https://cdn.cookielaw.org .addevent.com https://maps.googleapis.com https://maps.gstatic.com https://www.google.com https://www.google.co.uk https://www.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com; child-src 'self' https://www.google.com ; frame-src 'self' https://.soundcloud.com .cloudfront.net .doubleclick.net https://www.googletagmanager.com/ .investis.com https://www.connectidfeed.com .userway.org https://www.linkedin.com https://www.facebook.com https://player.vimeo.com .eurolandir.com .euroland.com https://www.google.com https://www.youtube.com https://www.youtube-nocookie.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
api.websitecarbon.com
cdn.addevent.com
cdn.cookielaw.org
cdn.userway.org
cdn77.api.userway.org
fonts.googleapis.com
geolocation.onetrust.com
haleon.com
i.ytimg.com
irs.tools.investis.com
scontent-lhr8-2.cdninstagram.com
static.cloudflareinsights.com
unpkg.com
www.googletagmanager.com
www.haleon.com
www.youtube.com
18.66.112.114
188.114.97.3
2.17.100.227
212.58.42.47
2600:1f14:5db:eb00:9780:5190:bee5:ff3d
2606:4700:4400::6812:2089
2606:4700::6810:4f49
2606:4700::6810:7caf
2606:4700::6812:1256
2606:4700::6813:b234
2a00:1450:4001:806::200a
2a00:1450:4001:810::2016
2a00:1450:4001:813::2008
2a00:1450:4001:828::200e
2a02:6ea0:c700::18
2a02:6ea0:c700::22
2a03:2880:f258:1ca:face:b00c:0:43fe
00d0bedd13ec03fef9edc37227bfbc71d664c5c211aaf40cac957ec13e1c16eb
01121bfad4c15fc0e8db695a9779024cf7755127c028f5c41439e3609d6a91ff
018cee6ac241a5e262e35942ccec440bbb2569e5803daa3a343fb54bfe8de430
035d882223386d31a5b48ae230cd3df1021fd24d44343f70a736a6a7bcdb4b88
03f9a9031521db22aa1520725af9a9b6b8bf84ac9e9caea649c4ab3fc6310dc6
078f29b4065f50c14a2caefc646c6eddf0576df19ffd930123cc67899c5667f4
07a67a6268d595efc4e860ac9a23eab4fdd47d67abf6e9b7016634d8f7a155ea
086b91c68373424f4e8799c21cabdcf97ec1b3b816d09bc90d2be68fb6be72fd
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
147f8632c08ca673ab82cd0c067e2e472f0845572c68d10b1b304bb88a60fb1c
16198d1021bf4d7086c0f2b729547bac8841af36a268389e7e62cc91889d72db
16f855a5ab7e4ad8cd67441a819d1e5500a449f998664bc9fd84df93cf1e5ade
1a1efa88ceb31a1562030056437e469ca6ab4f3675609773fb2f231dc822824d
1a576d86706069601c53562f8cf1d11f3a91fd847e3828e7c285e09fefd1d0ef
1ab5059c8e4bebd6700264573e18cd0524d2e216d377beeb2301730ed7b4b18d
1d384f7743cae8817db5da0fb9f5f9d8c5a5e55a731f2db982c3acec36a9d8b2
1ed45b5ba91389fe8e225b04c2d3f874b7d6ea6862d2a03f51aeba8ef957a1f8
2194def6d1b74f802eb81667e6353c92bc6336244205dede786a4274ca53789b
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
226c889afae4a9ac2e5e3500480e81a848816a6064b94b512170f901b37c0d9c
266c8c2918e6418c3fdb0ba93bbed8cb76ccf77ce8c3a1c54598cae54160e22c
2a47e6425e7b8b13cc41a793610261685f231c584701ba52f6f5a6fe6e0a02c6
34a8d4f240f1b7a01d0472d5367e1bc57e17f70a12a91aae37dcac3b33b24732
37304edefd9e53584a7ba0b0cd1c699d9cb80ec86cf9e4a849d2350640f67608
37f8550406bebf8003ec760c4c81fbe861e3d38a5bbbd069ae9d60358710f038
390fb19701464bb77e4e9e866226c6eb2b336c4b04274dc18e1303d82c326b94
393383df7ab920859bf4fa3ea498379f91c71f5d609a47afb3a807373ae55f15
398720e3e7d4564d0daef4d432c932010b4e1ddf708f3443b6d5a365369a0db4
3c8608382a2bf23d63e27c641b359c1852ccc3a10e9bc77b670dc1f61682f68e
406c457e3a812797cac0e9d97dfff751fff346febda5e13167cc71445cadec0a
4183e7910f155bb413b00d23dd31f292e4e23fd28a35823628d3f10a756ecc10
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468bfe093e013921f7cad4b8ce98964e546aade2c1be22d13cc54092390c8494
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538
4f7ca0c1323ebddec95121eeae89e118bfacec9cc6aa933846076affd7b4c577
55f42d45d026b0ad67c4c1b554c3948de5e1148f83e0fd06e3b939f73ee3ccb6
564050010ad631effd8d89ead0a2856754292964f3bd5ce28fddb428c8b73366
5688f846fd633221837db3a7eb942ffd99400a2b9217a9596e2709639b988551
56af7083e19fdafa0ebd91ece999611bb4c34815b6f208006edab16403e5924b
57c3bda54fd53779dad57c11344af5532c20af7af927969ed0055c19ca7487b3
5c34bd9f319c12b02336e55608d2b8eef829ed50801f77c8a349d31f5041b398
5dd0f3e033d80405477270245bb83a641baa1a81d708ac7c5e2bf0a3b576ca5e
5e021b59b27e1e081e5d25c2d614c05f9b4ce2a0edb84a23e98cf31b5e0436ee
5f9e45b458d785f20f91638974a6966f3024f2ff3cdb61f5d2eae45d4abc4ded
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61260bce94f129e8f85e6a5dcc4c4fb8bc1846bae8e5f8ae0484dd4e6fe5b71c
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
62fc1befa1b254d0c4cffa16c912a004f4fe90f6c6175d681ab1bd3fa68164ae
6510832114ca770ccb972fab504bf2a7921b480c84c187c7bdb7afd5419473fc
653c041e40a622bfc673da2590b250164ddd2f9aa26954ae19d327afabece2e2
669082e79d708e0105da35a07a214703054303ccb7da6385dd780255f6665923
67ec7fadd41ba4613a2ab2f10c28429c60a54fec1780a1742c29a03f9dfd7b11
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69c395c94d5c9e96b30e6bb4c6f7e0125a3feb937874e50935b0d2833273508a
6b20e066e2227064f73f98d93f3c5999d22eee246c94b7817a1b08066c177882
6b99a0d37ed4d85dce40c1b1ddae265e03e530a6d3cc357f534344bb5c499d89
6c9a969b0c39783087b28c4881edffa2208f4683bc8dd1fa88a6f8b22edbd02f
6cbb44227add7c197e0105dfc75c2273e659f01ca4b2a9b85eb97e0a68649651
6e58f5581d48f82e2c23dfccc6ec98ae5e938828aad350a95ca2fde4ef21442f
6ecae12ea823621b56a17fe50671c924076305b61d18e08514a18898cec86d05
745b2fc2bb216a82145cd6c35e63410fc0634e7e65fa50485a851c43e6789978
7a94a75459450039b14608c58d1e0df9d59ae805b000024cb2085ac5f37e86e9
7b4673602d2d5d718b1ebbcd2e49f1028661f5e6f2f462aa1a4da27f4d10e493
7bf9acb0de9cb27fe4c9fc53b2e92eb344ab66bc2573827d439e0608f3a9cadc
7c4036760c79d863770cac5b3c9f8de968d4d744c22ad2ca0f1219e12780061a
7c991a686b9c996471f42a4b5755493e4c738e4d011acdd70ad8125dbd5807bb
7e7827d5164b684eb0a1eec749830cdcedba44da8654254e4bf95c9089699c5d
80fe4e5ba4023916db0a675f1f2fcdb59a9411dc5d942beaffc7caa5bd47005f
81b4a2adfc76117d0256043a62c129bdfefe4b3e34a6ed2de57bb1ce6256bd9a
82b40e818e891d36eb552e231f7a971f2efd621b5c5bd7ba5a6513b92e34d5c0
86f2eb97cc1f3909c12e4512de9e267215d94ac5aaee9393d0f007f18c34e8ba
8835afd713b55266f2ec5b39466379e7766bc72e3244a8e7b6a50e4a4848624e
8be25d59bdcd4bd764cf192496bfebcd529b56767994aca8093717dc4b79e306
90ea031c0133a5573cd7fb5f20e5e97299807be8aa598519b481f850729a3613
92dbe359a733752d01d453765714c54351cb74bec5e85c6efb0cb50b187fbf98
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
93cb4279ebdd41fd5379a1506122b0abfabbbd98ca9be82410ed3d754231dcec
94bdf0772af766a1c24ad6e894a5699c83007518570bbefb767a9e74b1c65397
970ad1adee2547d008a1b3ca7c998eac63e4d1874920fd8b4a13416ae8c7f6f7
97844014791e7702e498af1b54139d615fc5a34f9b47cca8dd9d3cce6f645bda
98511514906e1a39954943f4170d2794db6733cb646266c141f0ce9d451efb4d
9987f99bfa55d6d51302d96e85f37a37c2ab7ba366fbb509485dc11c68c98e78
9b72fb03cd75dbdbb19d8955a579a25986c8fb21101425fd10628cdacc135603
a2167800fae1efbca5b798bb2b2e3b6fb7f2947fda67e434d1f81aac6724c97a
a2e74960a8a898f89f24941c026b6287a467658c5b4da39b59247020336c1a07
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf
a371fad4fd9caec9001583c9cd71f79e8be4a696b11db501ccf3915d104fd6fa
a45370e10c22f0e914afd10eec5260170e6867d3114dc8aaee3f300b3ad84247
a6972c49e66fe3c5026a1a1e26a06c49995cec36fc522cb56461f5cf0b2b2978
a8cd6b278a09b126e1c5a5da368c0c97138484f3663ed0582c95670ea6fe6826
acf245ee7adbdda36ca3f21dad90ed640ca66757693f16b015a52fcefa69290e
b02187b8c84f7ae1474e30629de943b19c8258aa1d4039c2f082daa872ef425d
b1bc221b0c9d4bbf6a567375e1d1af709cc368201e8a058bdfe4b2e3351aa392
b263f111980d7921ab0f719c39028f849c13ffffefa78044c5d12d2eee2f6561
b383c0794fc2a42ef0783efc4cd58a63571427012088a97ccb6f02b840787dd0
b41d203adf5b542430342383d72f5fbcc6043812bf9d42d4ac857a2a05d223c8
b44f42d94dd7530765f21f5b9fd7e853ce19755f00ff5f1f53644a3098d3755d
b481c2efd92277050855295a03fb800210428215d453c3980706f4bee06c5dfa
b66159db76fc9fe72aa222b4b5f42affe0b7600a432dca26502334463f6bda71
b75c3954d032885ad697300a73e46e5f48c1e0d772f12ffd1ae339abbc6fa92e
ba044862704f1def24eece53c5aaf10e4d551f8326145609540db39427d036a5
beb2a94a1262e0d7dea7af172f61c670e0faefea862a2b7ce2b8a6e61046fa44
bfc22aa61526b54bd655a11d628c6a6522c714fd355633936052ffb93368f397
c42b5d84940e593cd913004d926a9305e3d96f9c29f94e3b1c47fddce52d7ab2
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c5bfd04c03906f480c05e90683db4b4d4d13465b0e0a86d60ff3fa7e60af5b4f
c74c8c82041034cce0f20643b3472c40a5169f37f6c719ff17607fbe13b9b388
c80f3db5489eadbd2d3a4b8cf98978aff1b90db06ef23008241edaa559c86786
cb6c3b6a3ff1ccda363c5e651d1bea25139e8b57d5f8f7d83acdf0d86b40324d
cbe7baf7646acd378f4825ff2a8b2d311266b776b558ae48aad8686d551c4f41
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf3afcdfa0f86f8d4d337ac1d9d6e4933402916e88fe5ac83fb7d8f7fc1a8f2a
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d4763209eb337b9e86a4226963cd91e9c9716c4a7acf8c1beab49a316bd8a73d
d71f8cb950b450832fc495f95f8de00cc94135b97fb2af1007ba6723baf8a9a9
d78848cb5943a3de81d805a88a849eb6afdd7514833b1a6c534f2531c6051c76
d7e914f21e0e5e828bfbc92840b0b6884c691b18f1dfe7272803d0b98ae38ccb
da1ccdfc946a623e33bc55fa3db9fdff0a96059225e428f1b657a85428a75451
daadf18154019f8527584fad372ce63cbf3dd441e4ea0d2b8f712000f77d6727
de5d9ef792760e1a8783ac37f63ac54c872b5f6442db688fc10d72c6cedbdb33
e147ca0efc3c14a9e0bf601fee78dd84b18c86db73a33817e38c1d07bfe9b897
e16402cfb85a3d41688fa6d288b283bccba48986fd8354e0bf9abd4b7ebec385
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60e49d3328e106e0df7b7aa5eb36b88b777a29c8bcea6627d1bb8d795c5bfa3
e6bf2a71c8cea4d7f4caaec5a5f16207b6c9d5b0832dfb0e6fb16f67bd490c3a
e6e4a7de37605c0ab2f9413bad0c6bcab0afb5746a94244d524b5814f59b1c33
e80542c184a6e4b487b17ec632f90e7b4ba8a9a1e2fbeee0906aefd3f3e8ec03
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
ed3301260dc61e165a18c4eee7f47d74278e34887ba632eccd2b6f59bf9a5bd7
ee3434d33a5d8d26fa9b53619f18d224f64c9cefc7b9e594f9f2a585e75e2c1b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15b6db1ad91ea5dc83908754895bb3ccc4f378a5401df093ea835fb6c55a421
f4415633e7c01783a0014502433e7cf5b3f4e9806abc33a3fda57f20ffe6bd92
f648b3d8294708a4d777f4596f336f639190b1ed7e5656a81d2f2bd9fc93f218

www.haleon.com Open in urlscan Pro 2606:4700::6812:1256 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

143 Requests

100 %HTTPS

76 %IPv6

14 Domains

17 Subdomains

17 IPs

4 Countries

7695 kBTransfer

13359 kBSize

6 Cookies

30 Outgoing links

Page URL History

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.haleon.com Open in urlscan Pro
2606:4700::6812:1256 Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

100 %
HTTPS

76 %
IPv6

14
Domains

17
Subdomains

17
IPs

4
Countries

7695 kB
Transfer

13359 kB
Size

6
Cookies

143 HTTP transactions
1 data transactions