www.xeljanz.com Open in urlscan Pro
2600:9000:2315:5400:13:12cf:cf00:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.getsupport.xeljanz.com/
Effective URL:
https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaig...
Submission: On April 30 via automatic, source certstream-suspicious (April 30th 2022, 12:58:24 am UTC) — Scanned from DE

Summary HTTP 158 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 24 domains to perform 158 HTTP transactions. The main IP is 2600:9000:2315:5400:13:12cf:cf00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.xeljanz.com. The Cisco Umbrella rank of the primary domain is 464300.
TLS certificate: Issued by Amazon on October 29th 2021. Valid for: a year.

This is the only time www.xeljanz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700:440... 2606:4700:4400::ac40:9058	13335 (CLOUDFLAR...) (CLOUDFLARENET)
71	2600:9000:231... 2600:9000:2315:5400:13:12cf:cf00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.102.29.115 104.102.29.115	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a02:26f0:df:... 2a02:26f0:df:3a5::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.157.4.27 108.157.4.27	16509 (AMAZON-02) (AMAZON-02)
6	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e031	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	108.157.4.118 108.157.4.118	16509 (AMAZON-02) (AMAZON-02)
4 7	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	108.157.4.122 108.157.4.122	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	151.101.194.27 151.101.194.27	54113 (FASTLY) (FASTLY)
1	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
5	35.244.232.184 35.244.232.184	15169 (GOOGLE) (GOOGLE)
11	161.71.1.165 161.71.1.165	14340 (SALESFORCE) (SALESFORCE)
1	54.231.162.192 54.231.162.192	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2a04:4e42:1b:... 2a04:4e42:1b::539	54113 (FASTLY) (FASTLY)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e01b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	104.92.81.61 104.92.81.61	16625 (AKAMAI-AS) (AKAMAI-AS)
3	34.196.43.186 34.196.43.186	14618 (AMAZON-AES) (AMAZON-AES)
2	13.109.190.168 13.109.190.168	14340 (SALESFORCE) (SALESFORCE)
1 2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
158	30

3 2606:4700:4400::ac40:9058 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.getsupport.xeljanz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.xeljanz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 2600:9000:2315:5400:13:12cf:cf00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.xeljanz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.29.115 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-115.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:df:3a5::1e80 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-27.dus51.r.cloudfront.net

docs.gcs.digitalpfizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:f7::5c7b:e031 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-118.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.198 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

3822016.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-122.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.194.27 (United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com

metrics.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 161.71.1.165 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl4-ncg0-lhr3.um3-lo2.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.162.192 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::539 (United States)

ASN54113 (FASTLY, US)

house-fastly-signed-eu-west-1-prod.brightcovecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e01b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.92.81.61 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-81-61.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.196.43.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-43-186.compute-1.amazonaws.com

l.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.109.190.168 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl15-ncg1-c5-iad4.la3-c2-ia4.salesforceliveagent.com

d.la3-c2-ia4.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

pfizer.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	xeljanz.com 1 redirects www.getsupport.xeljanz.com www.xeljanz.com — Cisco Umbrella Rank: 464300 api.xeljanz.com — Cisco Umbrella Rank: 651148	911 KB
11	force.com service.force.com — Cisco Umbrella Rank: 3663	33 KB
9	evidon.com c.evidon.com — Cisco Umbrella Rank: 921 l.evidon.com — Cisco Umbrella Rank: 7868	35 KB
9	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 480	27 KB
7	brightcove.com edge.api.brightcove.com — Cisco Umbrella Rank: 4772 metrics.brightcove.com — Cisco Umbrella Rank: 3775	4 KB
7	doubleclick.net 4 redirects 3822016.fls.doubleclick.net — Cisco Umbrella Rank: 700386 ad.doubleclick.net — Cisco Umbrella Rank: 185	4 KB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 447 p.typekit.net — Cisco Umbrella Rank: 549	90 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 575 script.hotjar.com — Cisco Umbrella Rank: 828 vars.hotjar.com — Cisco Umbrella Rank: 866	69 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 61	3 KB
3	boltdns.net manifest.prod.boltdns.net — Cisco Umbrella Rank: 4844	17 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 203	56 KB
2	omtrdc.net 1 redirects pfizer.sc.omtrdc.net — Cisco Umbrella Rank: 168907	2 KB
2	salesforceliveagent.com d.la3-c2-ia4.salesforceliveagent.com — Cisco Umbrella Rank: 12074	4 KB
2	brightcovecdn.com house-fastly-signed-eu-west-1-prod.brightcovecdn.com — Cisco Umbrella Rank: 44762	1 MB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 396	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 131	37 KB
2	google.de 1 redirects adservice.google.de — Cisco Umbrella Rank: 8897	1 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 810	633 B
1	amazonaws.com s3.amazonaws.com	66 KB
1	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 4537	7 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	297 B
1	gstatic.com www.gstatic.com	144 KB
1	digitalpfizer.com docs.gcs.digitalpfizer.com — Cisco Umbrella Rank: 341203	1 KB
1	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 3342	206 KB
158	24

	Domain	Requested by
71	www.xeljanz.com	www.xeljanz.com cdnjs.cloudflare.com
11	service.force.com	www.xeljanz.com service.force.com
9	assets.adobedtm.com	www.xeljanz.com assets.adobedtm.com
6	c.evidon.com	www.xeljanz.com c.evidon.com
6	use.typekit.net	www.xeljanz.com use.typekit.net
5	metrics.brightcove.com	www.xeljanz.com
5	3822016.fls.doubleclick.net	2 redirects www.xeljanz.com adservice.google.com
3	l.evidon.com	www.xeljanz.com
3	manifest.prod.boltdns.net	players.brightcove.net
3	adservice.google.com	3822016.fls.doubleclick.net
3	cdnjs.cloudflare.com	www.xeljanz.com
2	pfizer.sc.omtrdc.net	1 redirects
2	d.la3-c2-ia4.salesforceliveagent.com	service.force.com
2	house-fastly-signed-eu-west-1-prod.brightcovecdn.com	players.brightcove.net
2	edge.api.brightcove.com	players.brightcove.net
2	s.yimg.com	3822016.fls.doubleclick.net s.yimg.com
2	connect.facebook.net	3822016.fls.doubleclick.net connect.facebook.net
2	ad.doubleclick.net	2 redirects
2	adservice.google.de	1 redirects adservice.google.com
2	static.hotjar.com	www.xeljanz.com
2	api.xeljanz.com	www.xeljanz.com
1	vars.hotjar.com	static.hotjar.com
1	p.typekit.net	use.typekit.net
1	sp.analytics.yahoo.com	www.xeljanz.com
1	s3.amazonaws.com	assets.adobedtm.com
1	vjs.zencdn.net	players.brightcove.net
1	www.facebook.com	3822016.fls.doubleclick.net
1	script.hotjar.com	static.hotjar.com
1	www.gstatic.com	www.google.com
1	docs.gcs.digitalpfizer.com	www.xeljanz.com
1	players.brightcove.net	www.xeljanz.com
1	www.google.com	www.xeljanz.com
1	www.getsupport.xeljanz.com	1 redirects
158	33

This site contains links to these domains. Also see Links.

Domain
www.fda.gov
labeling.pfizer.com
www.xeljanzpro.com
www.pfizerrxpricing.com
www.pfizer.com
xeljanzpricing.com
xeljanzrebate.com

Subject Issuer	Validity	Valid
www.xeljanz.com Amazon	`2021-10-29` - `2022-11-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
players.brightcove.net DigiCert SHA2 Secure Server CA	`2021-08-04` - `2022-08-04`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
docs.gcs.digitalpfizer.com Amazon	`2021-10-04` - `2022-11-02`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-06` - `2022-05-07`	3 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-04-25` - `2022-06-15`	2 months	crt.sh
*.adapter.ooyala.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-13` - `2022-06-14`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
metrics.brightcove.com GTS CA 1D4	`2022-04-16` - `2022-07-15`	3 months	crt.sh
*.um3.force.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-14` - `2023-02-13`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.evidon.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-12` - `2023-04-12`	a year	crt.sh
la3-c2-ia4.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-02` - `2023-02-01`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Frame ID: 7553DED5DBBFCED091E69D8A85B3A793
Requests: 142 HTTP requests in this frame

Frame: https://3822016.fls.doubleclick.net/activityi;dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9089888688523.594?
Frame ID: EFBADB6EDDA489506B3957EBC2F3A2EF
Requests: 1 HTTP requests in this frame

Frame: https://3822016.fls.doubleclick.net/activityi;dc_pre=CMrri7zKuvcCFR4fBgAdp_UGNg;src=3822016;type=xljnzmbd;cat=visit11;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=2506524537306.749?
Frame ID: 4E33AEF593D30DC4738C51D1F6027B84
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMrri7zKuvcCFR4fBgAdp_UGNg;src=3822016;type=xljnzmbd;cat=visit11;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=2506524537306.749
Frame ID: 17AC72FBF1B560440D9D60AF4EE0871F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9089888688523.594
Frame ID: FB62FE83806E380DAA82D2EBC71CF2D3
Requests: 1 HTTP requests in this frame

Frame: https://3822016.fls.doubleclick.net/ddm/fls/r/dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9089888688523.594
Frame ID: BBFEF186EA96CAF3109CF68A66503907
Requests: 8 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMrri7zKuvcCFR4fBgAdp_UGNg;src=3822016;type=xljnzmbd;cat=visit11;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=2506524537306.749
Frame ID: 6FA2B4A7C31FAF98DDE62A4D83F9F60E
Requests: 1 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Frame ID: 1C85D997A3D0D4299B098EFB4FEA89E8
Requests: 6 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: FF507174099AC1BE0546F6096C8E9790
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Savings And Support | XELJANZ® (tofacitinib) For RA | Safety Info

Page URL History Show full URLs

https://www.getsupport.xeljanz.com/ HTTP 301
https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_mediu... Page URL

Detected technologies

Salesforce Service Cloud (Live chat) Expand

Overall confidence: 100%
Detected patterns

service\.force\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Crownpeak (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

c\.evidon\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

158
Requests

94 %
HTTPS

52 %
IPv6

24
Domains

33
Subdomains

30
IPs

6
Countries

2837 kB
Transfer

5083 kB
Size

20
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://www.fda.gov/medwatch
Title: http://www.fda.gov/MedWatch

Search URL Search Domain Scan URL

URL: http://labeling.pfizer.com/ShowLabeling.aspx?id=959
Title: Prescribing Information

Search URL Search Domain Scan URL

URL: http://labeling.pfizer.com/ShowLabeling.aspx?id=959&section=MedGuide
Title: Medication Guide

Search URL Search Domain Scan URL

URL: https://www.xeljanzpro.com/
Title: For Healthcare Professionals

Search URL Search Domain Scan URL

URL: https://www.pfizerrxpricing.com/
Title: XELJANZpricing.com

Search URL Search Domain Scan URL

URL: http://www.pfizer.com/contact/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.pfizer.com/general/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://www.pfizer.com/

Search URL Search Domain Scan URL

URL: http://www.fda.gov/MedWatch
Title: http://www.fda.gov/MedWatch

Search URL Search Domain Scan URL

URL: http://xeljanzpricing.com/
Title: YES

Search URL Search Domain Scan URL

URL: http://xeljanzrebate.com/
Title: xeljanzrebate.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.getsupport.xeljanz.com/ HTTP 301
https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://3822016.fls.doubleclick.net/activityi;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9089888688523.594? HTTP 302
https://3822016.fls.doubleclick.net/activityi;dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9089888688523.594?

Request Chain 67

https://3822016.fls.doubleclick.net/activityi;src=3822016;type=xljnzmbd;cat=visit11;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=2506524537306.749? HTTP 302
https://3822016.fls.doubleclick.net/activityi;dc_pre=CMrri7zKuvcCFR4fBgAdp_UGNg;src=3822016;type=xljnzmbd;cat=visit11;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=2506524537306.749?

Request Chain 82

https://adservice.google.de/ddm/fls/i/dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9089888688523.594 HTTP 302
https://3822016.fls.doubleclick.net/ddm/fls/r/dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9089888688523.594

Request Chain 84

https://ad.doubleclick.net/ddm/activity/src=3822016;type=xljnzmbd;cat=visit11;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1;num=9999192256772.432 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=3822016;dc_pre=CI6zp7zKuvcCFe6csgodqOoAxw;type=xljnzmbd;cat=visit11;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1;num=9999192256772.432 HTTP 302
https://adservice.google.com/ddm/fls/z/src=3822016;dc_pre=CI6zp7zKuvcCFe6csgodqOoAxw;type=xljnzmbd;cat=visit11;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1;num=9999192256772.432

Request Chain 161

https://pfizer.sc.omtrdc.net/b/ss/pfizerglobalimpatientsprod/1/JS-2.20.0/s64939808415709?AQB=1&ndh=1&pf=1&t=30%2F3%2F2022%200%3A58%3A19%206%200&fid=3A5AA502120D2EE5-23EFA10D72EF57A0&ce=UTF-8&cdp=2&pageName=Savings%20%26%20Support%7CRA&g=https%3A%2F%2Fwww.xeljanz.com%2Fsavings-and-support%3Find%3Dra%26src_code%3DXELW10027325%26utm_source%3Dpfizer%26utm_medium%3Dvanity%26utm_campaign%3Dcrmstream%26utm_term%3Dsupport.xeljanz.com%26utm_content%3Dconversion3openenrollment&cc=USD&ch=savings-and-support&server=www.xeljanz.com&v0=XELW10027325&events=event7&c1=savings-and-support&h1=D%3DpageName&v2=www.xeljanz.com%2Fsavings-and-support%3Find%3Dra%26src_code%3DXELW10027325%26utm_source%3Dpfizer%26utm_medium%3Dvanity%26utm_campaign%3Dcrmstream%26utm_term%3Dsupport.xeljanz.com%26utm_content%3Dconversion3openenrollment&v3=D%3DpageName&c14=20220430&v14=20220430&c15=00%3A30%20AM&v15=00%3A30%20AM&c16=SA&v16=SA&c18=New&v18=New&c23=www.xeljanz.com%2Fsavings-and-support%3Find%3Dra%26src_code%3DXELW10027325%26utm_source%3Dpfizer%26utm_medium%3Dvanity%26utm_campaign%3Dcrmstream%26utm_term%3Dsupport.xeljanz.com%26utm_content%3Dconversion3openenrollment&c36=20220430T0058&c54=NA&v54=NA&c55=615ef85f-c840-4177-a209-1d19cde2b365&c56=D%3DpageName&v61=US%20PCC%20Prod%20Xeljanz&v65=US&c67=US&c68=D%3Dv73&v70=2.20.0&v73=ra&v78=Managed-Custom&v145=1&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
https://pfizer.sc.omtrdc.net/b/ss/pfizerglobalimpatientsprod/1/JS-2.20.0/s64939808415709?AQB=1&pccr=true&ndh=1&pf=1&t=30%2F3%2F2022%200%3A58%3A19%206%200&fid=3A5AA502120D2EE5-23EFA10D72EF57A0&ce=UTF-8&cdp=2&pageName=Savings%20%26%20Support%7CRA&g=https%3A%2F%2Fwww.xeljanz.com%2Fsavings-and-support%3Find%3Dra%26src_code%3DXELW10027325%26utm_source%3Dpfizer%26utm_medium%3Dvanity%26utm_campaign%3Dcrmstream%26utm_term%3Dsupport.xeljanz.com%26utm_content%3Dconversion3openenrollment&cc=USD&ch=savings-and-support&server=www.xeljanz.com&v0=XELW10027325&events=event7&c1=savings-and-support&h1=D%3DpageName&v2=www.xeljanz.com%2Fsavings-and-support%3Find%3Dra%26src_code%3DXELW10027325%26utm_source%3Dpfizer%26utm_medium%3Dvanity%26utm_campaign%3Dcrmstream%26utm_term%3Dsupport.xeljanz.com%26utm_content%3Dconversion3openenrollment&v3=D%3DpageName&c14=20220430&v14=20220430&c15=00%3A30%20AM&v15=00%3A30%20AM&c16=SA&v16=SA&c18=New&v18=New&c23=www.xeljanz.com%2Fsavings-and-support%3Find%3Dra%26src_code%3DXELW10027325%26utm_source%3Dpfizer%26utm_medium%3Dvanity%26utm_campaign%3Dcrmstream%26utm_term%3Dsupport.xeljanz.com%26utm_content%3Dconversion3openenrollment&c36=20220430T0058&c54=NA&v54=NA&c55=615ef85f-c840-4177-a209-1d19cde2b365&c56=D%3DpageName&v61=US%20PCC%20Prod%20Xeljanz&v65=US&c67=US&c68=D%3Dv73&v70=2.20.0&v73=ra&v78=Managed-Custom&v145=1&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

158 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request savings-and-support Show response
www.xeljanz.com/
Redirect Chain

https://www.getsupport.xeljanz.com/
https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment

118 KB
31 KB

1521ms
31ms

Document
text/html

2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

00ce41838c021f16e46aae285d8e9cc65854808dc9758ac2d0838a2d7a4af9fb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73443
content-encoding: gzip
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
content-type: text/html
date: Fri, 29 Apr 2022 04:34:14 GMT
etag: W/"d4201b577e11da84fc4e10cef601961f"
last-modified: Mon, 11 Apr 2022 07:09:57 GMT
referrer-policy: same-origin
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-amz-cf-id: yF8BsedpJQMxcVZrwFzDabcOlvab1aETt5YUd2q8Um9H6t-kYYWYvw==
x-amz-cf-pop: DUS51-P2
x-amz-id-2: fVmOfcGvUhar6xWZznGhrY1PZdnIAq+TAnfxTarzIAhWWHwyZLKunafkecMnYWlj725bsE2q5EY=
x-amz-request-id: RNRWK6QT455ESKXK
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-edison-type: Lite
x-xss-protection: 1; mode=block

Redirect headers

age: 784
cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 703c53f04a1e9c01-FRA
content-type: text/html; charset=iso-8859-1
date: Sat, 30 Apr 2022 00:58:14 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sat, 30 Apr 2022 01:45:10 GMT
location: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
server: cloudflare
via: varnish
x-cache: HIT
x-cache-hits: 4
x-content-type-options: nosniff
x-request-id: v-c9d362d0-c81e-11ec-b0a8-efa4abc9bb46

GET
H2 200 bootstrap.min.css
www.xeljanz.com/css/libraries/ 141 KB
28 KB 48ms
47ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/libraries/bootstrap.min.css

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 72362
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: EJVVXF2VYHXS96YM
x-amz-id-2: 7Bi3zVNbr+aywmTWb40a0rvtdknQ1dQA1L309YD5JXt9V2Q9R1HuqNlnKWdamsMnfRntBLEb4Og=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:32 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:52:14 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"450fc463b8b1a349df717056fbb3e078"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: 91uWbasPNNiUaaLgGM8MulDfl5PVRW0AkJE1_q8-O3KcU2USGwIJHw==

GET
H2 200 fonts.css
www.xeljanz.com/css/ 3 KB
9 KB 45ms
43ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/fonts.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8369520b16d6fe367ea233130dc9e873b0b4df23a906c58ff2b55f754579746d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 76088
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: TTPH799NHK0QYDB2
x-amz-id-2: +HoZ9QCIa7RZ7ESwR+eEHaD5KE2frA0NGubiaOtWhD1eznrkWQ77xZyYvqTKddWyQXNXmR3dn5k=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:31 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 03:50:08 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"c9ddfa53c9218f27a54cabee9dd571bb"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: 4aVY_GALjniKhLk4g1kN-8dMze9EHtYJwZBhH1I8gORvLUkJ9eFpVA==

GET
H2 200 common.css
www.xeljanz.com/css/ 26 KB
13 KB 55ms
54ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/common.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

66458fa5af3f8fbfc9a2b3f72af403cf06d320a21c58c419a90fa8efc1fea0a7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 82467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: 0EH9P43RHP0Q30HQ
x-amz-id-2: wmp9I4Gr+fZQ+b5Neefns3WcipW1hpjDbQ6v4KB1C2Sc2ygA4+eh69WiclfxayIE3YQBb+0vhmw=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:30 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 02:03:49 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"c467c4a142267f9cafe6e062ffd37d3c"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: OY3faKjl7lEeBFapurkkL_AxaIAfFu9rq-ZjYE8xl_FPThhogpO9Lw==

GET
H2 200 main.css
www.xeljanz.com/css/ 29 KB
14 KB 27ms
25ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/main.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

16e29a84d9fd7e33de92c8a1e543bca3c4c32b7e6be611cd0d99917b3280e03f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 85868
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: MHQ7J9D2ZFKEN3F3
x-amz-id-2: N9rgbkoTOtAB1ifkR88I9Ris6yT25lwa/hm8EEInOu9NgSRRTyShY2/JUMl8oyhz7vEEDJaBSyk=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:33 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 01:07:08 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"483c92507981fa944600d50c6fa41d82"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: i1tMbg_tQN8YlOXeTi9trEhSOyoRn_ZKiyF2Gsz6dKCPp-63Up7vvg==

GET
H2 200 footer.css
www.xeljanz.com/css/ 4 KB
9 KB 56ms
55ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/footer.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f90a9390b673f823fd0534efc7f897272d111e2db5ff71f99539def0d821e15f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 72360
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: RQYXQVHFMR24Q748
x-amz-id-2: uJq1qW7qikFiSs01wRwy0cOd+8bRYnrjyU7hzE5dxKQa5a5iAlhg30Daf5G0UJEuCQ3xy69ETRg=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:31 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:52:14 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"d57dc05ec6517594aa50f832bbc089dc"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: bFKOffEg9aDGM-hC_sG4-E_Xwc3-k83eni8WCcgG1hI-SMCMiRtZrQ==

GET
H2 200 isi.css
www.xeljanz.com/css/ 17 KB
11 KB 43ms
40ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/isi.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eb84ac5a7c14de28f7cc5c3417d73c315dfca7ff75a2804e65d59c0c59c1d9a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 72360
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: EJVR858JH164SSD9
x-amz-id-2: cxWT54X8ZyRORz113LxYZtdGjVr3NU0TrwNjCAMF3bCzlnbZPqkhICe9HQmS2HPZxXhPIJ1VGh8=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:32 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:52:14 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"5cdbaa0169d38257f9546e3c7aff28e8"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: _7fX_kcJDCKNuQ63mFmi9VkcWoq78WBgt23sj22FgSMMsdxpHPMuDg==

GET
H2 200 popup.css
www.xeljanz.com/css/ 6 KB
10 KB 57ms
55ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/popup.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

83c5ece9cf35853761e37b49818a9b793e1d28a0961fc9326286b13d7264abdd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 76087
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: TTPKVHFMHRV6YNWA
x-amz-id-2: ANg2u9G7Nr0acSserT6l8r3pr5QgxyOjby/Pw43Fcd1mRf2/nvyyij/Q+BA1jbfeFpOfls6oqY8=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:34 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 03:50:09 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"dfdb535a298b9f04102f148248b317d1"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: QwztzGNjoMUSOoCS7g0PBYuXgKFUBqMoCwH4FtHL1MaxSmFLOVGhXg==

GET
H2 200 header.css
www.xeljanz.com/css/ 51 KB
15 KB 46ms
43ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/header.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d932d1509fa87aa4926040d0dd9f6e71344538fe18cb071e6ebd0eb38dade473

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 78526
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: TTPZ0SHSJ5CRZS0Q
x-amz-id-2: T42Ej6C6UBzAXOalEGiRDxSWDJuxCQkngWFyw4pN240JpqjpIQqE8XRLHOT3LAAhIOJiHZgQBQg=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:32 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 03:09:30 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"a3456e26ed3934aee4922b87433b3144"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: jSqaE-yYKJWLN0nMTk62mJctVH8ju8jlS12j_Z1EIsWiL5Qi8YBcsw==

GET
H2 200 header-telemedicine.css
www.xeljanz.com/css/telemedicine/ 17 KB
11 KB 166ms
164ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/telemedicine/header-telemedicine.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f26ae552d6c54992aa045b5f02f21f27258b7a1d2805259d070deeb2c3afb88d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 82467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: 9ES95FXPHG9M8KPX
x-amz-id-2: Agw8aROIiv906oXJ4/0ktWcl5qBwbIr+CuIAzd1hETgezO4bBf/5LJWBm8yaFd2xh0w+f3lYGbM=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:35 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 02:03:49 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"0e126f67158cd8fbf07ff30d79cf6a4c"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: gsTvtBSIlqB3Bnf0nS2ZmPDykLEExW6b70uuDbaixiWhqp-F-gXkYw==

GET
H2 200 tabs-css.css
www.xeljanz.com/css/telemedicine/ 7 KB
10 KB 41ms
38ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/telemedicine/tabs-css.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d720c7eb4c630cbaaea9450b4d94de193ccae370f906c56dca72fc65cf4375cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 74039
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: XFPQVB1AGKTDM4J7
x-amz-id-2: 5KPlj6uPa7WOx8+wSbUHoa03AatZYVE/8U9kRU7nX/9P3XuxmcFuxPPEVjOKO214UF/pASAEifg=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:35 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:24:18 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"527769012ebe95146d9a2e83cd5c1506"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: -sIYtgeeSKr8y8-OK8jxxyDkQeAAz9zXYrn-GxzpdWD6aNIvYBzsxw==

GET
H2 200 telemedicine-saving-support-video.css
www.xeljanz.com/css/telemedicine/ 9 KB
10 KB 53ms
51ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/telemedicine/telemedicine-saving-support-video.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

39a8834ca2b1baefcda1e9038ed33a33ccefcccf1ce9d99a06a145dae8906735

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 72140
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: 3E28RHFY6KAFC06S
x-amz-id-2: XuoTaj8wMRTtBQz9BPrtXFVetCmdFMUyi/ksxKZYRd/2ibnjqIYYaYHmM/aqaZnGXY+sGYlyWW8=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:35 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:55:56 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"7427102d2a97330bbfdd81e9d6386e1e"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: HBT07mufi63ifeNEidvO3xDbILvKR0e5N3R6PmX2r36SkxrGgVBy6w==

GET
H2 200 telemedicine-terms-condition-orphan-page.css
www.xeljanz.com/css/telemedicine/ 3 KB
9 KB 51ms
49ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/telemedicine/telemedicine-terms-condition-orphan-page.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fec99c3b5d4f16d226677a883490a45e70e42bdb8d6d81753c1ad495bfb8b4d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 74039
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: XFPVTGJWCBK8YN4W
x-amz-id-2: Cv9PS4MESqLa16Oe2kSRq2Bp8wt4LVN8EvebY3loJubyaTR44NOZTmQJDrzW6W4rgNbLzBH8uro=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:35 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:24:17 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"777785149d97cd6f013510a3adde75bf"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: Ll7OyeAslIA9Z4uMcFK3Q-uOHnk5WhEAhyDGteKbOUs9hFYt8CeSsA==

GET
H2 200 as-sprint-main-homepage.css
www.xeljanz.com/css/as-indication-css/ 18 KB
12 KB 63ms
61ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/as-indication-css/as-sprint-main-homepage.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

65192ae936d6b51de5a33a17590ef562cfa114f7cb5a87084eb7391fe001518b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 74039
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: XFPQXGC2CJ6QR666
x-amz-id-2: MrnBCFDbGEpHV4RbuG0tRcbIsu/cTIOFaKsW4FbNP8eGCR1JHpRCvqqXn4xFXOqSrj69xjCqPF4=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:29 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:24:18 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"23339abaf298c5f2c54487fa386d4916"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: wz2Bx8NZ3ARfxf4Hi9hYlwDFaS_blhVgWQpPZnEIPeAmARpRvcIcQg==

GET
H2 200 savings-and-support.css
www.xeljanz.com/css/ 12 KB
11 KB 82ms
80ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/savings-and-support.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ff6371615e0346773838916e3221b18cdec2d47dc6de8d58aa4f05c9368f01fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 18:22:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23719
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-amz-request-id: GGW4J2BZX28WFJBE
x-amz-id-2: YFNdgccRndMYxAWCn0+wznzaErtLRdO933KejGYvg8+LWgTHNYvU/mBV33I1/0jZUbkvHaX4VlU=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:34 GMT
server: AmazonS3
etag: W/"7fb620429c7df59845e4a57ee370e69b"
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: T8Ai_ysUgX1VwGWrWP4I-7MUSN82XcKtX7P86bU4kYJDqDGJCyOoXA==

GET
H2 200 jquery.min.js Show response
www.xeljanz.com/js/libraries/ 86 KB
38 KB 176ms
174ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/libraries/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 75463
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: TTPZ3Q7ZSBA7DAHC
x-amz-id-2: s+MhzGF55ah6qAbofQ2ua5s9cqhYk8cY7xBmPMkpaX7Hd+xtWFSCyocL8PibBL4Byb8TefoQ3sQ=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:24 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:00:34 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"220afd743d9e9643852e31a135a9f3ae"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: wiWlxAjFwjGdmU7t1_NvAxhV542iNEjgg_1vdn7dgIsfctwbd77xRg==

GET
H2 200 bootstrap.min.js Show response
www.xeljanz.com/js/libraries/ 48 KB
21 KB 58ms
56ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/libraries/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 82467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: 9ESAA0FP6NFP6CDK
x-amz-id-2: iD3eLbEbv631n28pCb+rF/jXRqmcx00mcRMVvzGqwtGNBxxI61HWEOhI15Tr69P8mVgLypEoL3k=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:23 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 02:03:49 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: CxRHa37NXAOWELLnPpf1m3WKDSwQXvcPVL_qYxfC7mMaCon2GKhbnQ==

GET
H2 200 page-referrer.js Show response
www.xeljanz.com/js/ 2 KB
9 KB 59ms
58ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/page-referrer.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bd2ccf45da08b34dc3f8c86357dec93b2578540e027724d069b875c7f3ea5a0e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 73910
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: HWGR8BZE0FAWDAH7
x-amz-id-2: bchBKBWowOakhXBZsA++fhkm2GUcDUwQjFdFR5zEj16ZPD2DWHSF8eYEXM8aGhvirzgSNLEjbs4=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:25 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:26:26 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"05355235f4377ae7c678efa42b7c1be5"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: qyymGTd8TAbesp3MtpDPsnmd8YvuZA9jU64Q_fGx1UfmUO6IXEfcFA==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 156ms
28ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a3e9e695ef04e38c6417c1877bdd1ad35d02ded1e2d8ce9c3526a9779e08bb62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Sat, 30 Apr 2022 00:58:16 GMT

GET
H2 200 sticky-header.js Show response
www.xeljanz.com/js/ 3 KB
9 KB 116ms
103ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/sticky-header.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d18b28392abf0df96019c6f0a535cd2188a4d01906191e617ab38a447e4bf07

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 73909
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: DPRF80Q50XWXHPWY
x-amz-id-2: +cK1a0Y+WHu0oFo+NB5PuBGS1EtMSMI5QPcrtet82FKxP6PCvDkxc/7RqeKz7q9tHo64UZP7VXw=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:27 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:26:28 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"03e8d89f152ea09ce1314ee64728fdca"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: wNXWkEYhfLZRbm77dFGadggJceI0VbH74Ie37i8QKLbDNHqsn5B4aw==

GET
H2 200 ra-tabs.js Show response
www.xeljanz.com/js/telemedicine-js/ 597 B
9 KB 106ms
93ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/telemedicine-js/ra-tabs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

733e749efc0409aa48e4b96aa6bddfd07545d21a4907049b0dd83eefc7172ec6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 81710
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: 1TTP9KFQH2JWKA0N
x-amz-id-2: IP8G56vFcxLxgUyXZNPnfqBc2kTISUxRpwKfNTbmfzPe8SUYKd2fXeaslwvJwBP3Y5/pI6Ycv2s=
accept-ranges: bytes
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:27 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 02:16:26 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
x-xss-protection: 1; mode=block
etag: "63cd9c2da1aee4c8baaa8927884d4160"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
content-length: 597
x-edison-type: Lite
x-amz-cf-id: bqU5RB2ceI5RhBHyxQ2KSoK0-Thjfz1xmp5XaX7vJBS_Jru8MbW6gQ==

GET
H2 200 custom-cookie.js Show response
www.xeljanz.com/js/ 8 KB
11 KB 76ms
75ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/custom-cookie.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7a42186915ee465c5086f8101ce8a196f8bffd87018735e7cbce4926da6db36c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 81717
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: NF9MKZ7YMFVV02MJ
x-amz-id-2: YnPC/aERQgAAzzM/x0PsFQtRwNmXCLLfPfoqbsgZYFmWNuw4NTpp2ggNzj1dQAHMZkUYzVkzFW8=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:21 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 02:16:20 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"94feb4f5a2db3ed75f3db244e12eee86"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: 8ikwKbc9yEER8BEFf3yVMVxi8Px8q4K5kmOKP-Ft0Vz1HNKsSToHUw==

GET
H2 200 jquery.cookie.min.js Show response
www.xeljanz.com/js/libraries/ 1 KB
9 KB 66ms
64ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/libraries/jquery.cookie.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 71029
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: AYBJG395S56AMHSH
x-amz-id-2: GmiOuf3OvtgTTAUkXdwwv2JbVn/TaJXA8g7xy9H5DmMf4ncsrpNQdotqWFP9aqXAxRZOMwhv+KQ=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:24 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 05:14:28 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"4412bf8023109ee9eb1f1f226d391329"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: 7g33SGj7fO0CIFl5Qj3FvE8DYwZQsFWGFQbJ_6ZutHDKB8hfVSsPSw==

GET
H2 200 smartresize-debouncing.js Show response
www.xeljanz.com/js/resize/ 884 B
9 KB 64ms
63ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/resize/smartresize-debouncing.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a066a57f285c4d2fc351a305f7e3671220d85e97c3f711a70fef42c7c9324f89

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 82464
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: 9ES758S9X5G7AC2X
x-amz-id-2: 0m4RKOKrn5uxh8ZteBumvMPkWpJB6lgPeNPVdJUUWJOHIjw9MOZ8z2zfEIrh+FpvVeTVAwrOQcU=
accept-ranges: bytes
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:26 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 02:03:49 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
x-xss-protection: 1; mode=block
etag: "2e3a9a3722c9b2f83e6aa46db5eac67c"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
content-length: 884
x-edison-type: Lite
x-amz-cf-id: HpviSklHh5iooJ4Q9gLWoTgsnOiRqyP45LNvhD6HeeCewnP9FeVo5w==

GET
H2 200 detect-device.js Show response
www.xeljanz.com/js/detection/ 3 KB
9 KB 78ms
77ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/detection/detect-device.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

63294beeb111bd9e7a737af90ad92ad5699400034d5c61e3226a42eaf54b4846

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 75463
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: TTPG240QMTA2NKY8
x-amz-id-2: eTjhtAXHmpKhA10z5buI5bt68bRj1HrfQEs2AHGVjXx0vlFZrlZM2l3lQ0fLeLJke2lS0JaDa94=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:21 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:00:34 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"fae8ff4e389edb6dcea16572878e6a12"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: 9LYpMg1LkDq8GklH-7JSBVa8x8yoxqBXg9xCmfLxSuTgvoXKHJ5mLg==

GET
H2 200 detect-breakpoints.js Show response
www.xeljanz.com/js/detection/ 1 KB
9 KB 79ms
78ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/detection/detect-breakpoints.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2668fcec43672a3cc0af9c37ce3e20a9340a60557db859ded6402ea0fbae7028

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 81717
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: NF9M60FZ90Y18RSY
x-amz-id-2: gUJIVeNohBYWbdRJs2OTg53jx+Lv1umQFNPrgyNPByiZj/+TJowyt5ueYRvN4JRl5ei8EHfN/fg=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:21 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 02:16:20 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"3b311b69071b48c54596a6571981e560"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: 0m2TqzGgesBqw9IIcoxKehzmpMU3Oiy7ZSKvnM-vZxpUzsL0SgAonw==

GET
H2 200 jquery.lazyloadxt.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/ 2 KB
2 KB 28ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

305c7973d04b5ac7b4ad4f7f1a5d08ea73be8831fb0929949b754c92a6b49c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1394793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1226
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-97f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8NCPo0HLab49dDWb0jvS5M14uGKuL9KUaIGR96BACrcQca%2BBjBUFL94kJI7ftn2W0skgJwTWFPTyjgP3I7eWycrTJPeBsegiZZhlowBQA5CLM6yxaJZwrRGEeLP3MezcvZv73lVkpX9C1QafFVQG6e%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 703c53fc7be49bfe-FRA
expires: Thu, 20 Apr 2023 00:58:16 GMT

GET
H2 200 telemedicine-saving-support-accordion.js Show response
www.xeljanz.com/js/telemedicine-js/ 2 KB
9 KB 60ms
60ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/telemedicine-js/telemedicine-saving-support-accordion.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

314b282484505a154f1d0172dc25e92c151a58bde4f21c86efd3fdf8eb523825

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 18:22:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23719
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-amz-request-id: GGW0HREQCX29ZBQT
x-amz-id-2: KEDXfnz/RBRynRFxji+vcDdzdV2rv03dCCCvUzcRjNI0PglA/LP5ttf4B+vD6f97yA3a43h9Qd8=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:27 GMT
server: AmazonS3
etag: W/"2b65a3a18bef9e05e886f7ece2a22802"
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: Q08eDMZHX4B0uoOq_CsqGpqCL6uvTHN1vTXeEV_7Bo-OFB_uNvAnDQ==

GET
H2 200 icon-fa-exclamation-circle.svg
www.xeljanz.com/images/icons/ 914 B
9 KB 125ms
112ms Image
image/svg+xml 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/icons/icon-fa-exclamation-circle.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

008dfd9fc0f4f86f80e5ea56e4e5f48c198604ad2e3b4da24b3958066503608c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 75455
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: P4WCZDZPFXVYW2CN
x-amz-id-2: MkB8XIQJ0VBzIeFUrfTYlxBVnL1pqZapxseoMjPObiQ3ZmA9aRmHMLjYDXLtUa7b4sB61PZmELY=
accept-ranges: bytes
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:07:58 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:00:41 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
etag: "7ecfea1c1aaec9ddd0e3c6dd12b0da03"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
content-length: 914
x-edison-type: Lite
x-amz-cf-id: NTz4skrESFYVBFMhJo21e2uLOkggJcEJcCHFlQtJ4fniMMJ5uF-KFw==

GET
H2 200 icon-fa-plus.svg
www.xeljanz.com/images/icons/ 705 B
9 KB 185ms
172ms Image
image/svg+xml 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/icons/icon-fa-plus.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f48eaf33812e9dfa0b25ed27a82d818e49447b61f1f6b161971b4fedbd67203

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 75455
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: NA0J42W2FVR8TGM8
x-amz-id-2: iETtw+IFSGfyx4+Dyf1JXlZP3JPZYTx+uHMXEI27rtoZEDtfkecgF/HWYyVjk2aSvuJ6li6uWeI=
accept-ranges: bytes
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:07:58 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:00:41 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
etag: "eb8c918748c4defddb7027ff482a60e3"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
content-length: 705
x-edison-type: Lite
x-amz-cf-id: V5XuFx1-PSz6JC4M2GzIleISFa8eaQKAHE8Og-auANJBuXTye785dw==

GET
H2 200 popup-close.svg
www.xeljanz.com/images/icons/ 2 KB
9 KB 126ms
114ms Image
image/svg+xml 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/icons/popup-close.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2ef6104a91c494c4246227a87b19006ca2ae82a8afe08c86f7c8933dca8095e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 74039
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: RR6W1DJEHJE6QB9Y
x-amz-id-2: Vs52GUqNpgFl7Ta80cmyf7a1AfSV5LnXW2zYFtxV55hxeC3S+lvONeraaFA0aepxVLtj2ShkDjg=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:07:59 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:24:18 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"9fe3b607ea1cac48f2349c5c3724dca3"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: xCCUHteSyFXAwEO6xJZKyuZ4YFyEgq8sJBuM9jWAsmfn03H6IKjcow==

GET
H2 200 logo.svg
www.xeljanz.com/images/ 17 KB
13 KB 97ms
85ms Image
image/svg+xml 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

18f1a3c08cea337c1abceab33645782f2050166b315349e420f4bb7ab5469b78

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 75454
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: P4W6YSC730YV28CZ
x-amz-id-2: YtNn4TTZzcrlmKP99ZV7Wy8+PAzCWBO/NSyNMq3x7YF92C7+znksrKGSz4bDrG365FCBGmt43w8=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:08:11 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:00:43 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"22eaebc5ca3d90a418b2628a7139c26c"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: apn0OHAKqBo8VqN7-viNhnmxPEhbGqsjmQMqqQZMQljkLFBa3ysIuQ==

GET
H2 200 close-btn.png
www.xeljanz.com/images/ 2 KB
10 KB 83ms
71ms Image
image/png 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/close-btn.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6c10a4b1ced355524333b330207e690e8eed044aedb5118eef38a1b4d867a07d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 85865
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: QHTH9JDD40JF1GBY
x-amz-id-2: g/CKUDp+HUUhnl1akBXu1VRZq2faGRns6bD8C3o+iP621CY1XKmeI/6XXt+MZ2jfYfa523SzVtY=
accept-ranges: bytes
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:07:01 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 01:07:10 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/png
x-xss-protection: 1; mode=block
etag: "e9b8d2a2934c5174e40e34a06b252356"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
content-length: 1632
x-edison-type: Lite
x-amz-cf-id: 1mQYs4IxcFhOvTbJVnHQ5c09-EMG3dy2LgqooNvNXxibPjiWZ7FQTw==

GET
H2 200 video-thumbnail-saving-support.jpg
www.xeljanz.com/images/telemedicine-images/ 14 KB
22 KB 84ms
73ms Image
image/jpeg 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/telemedicine-images/video-thumbnail-saving-support.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

46f884faef399925ce9b10f7e1874c9da5b39d44c8a33801feb1898f1fb56dfd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 23714
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: VVG0E275X586DYMN
x-amz-id-2: iDmGtAzVDrmOB8enrzdL5h/sN9NLj7l1DwwPJo2CUvN2xxxMCdHmK+e4uOIp9VyTOa0vRuY5tHw=
accept-ranges: bytes
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:08:46 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 18:23:03 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/jpeg
x-xss-protection: 1; mode=block
etag: "2aa810e54eea87b7463b4308ac53b0e6"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
content-length: 13908
x-edison-type: Lite
x-amz-cf-id: 2FL5X2_aL57aKFo0ka34xg-IvoWe25ksxehEXn_SET_Ftwmmb6JY-w==

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/1852113022001/Bktl31JMb_default/ 754 KB
206 KB 817ms
763ms Script
application/javascript 104.102.29.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/1852113022001/Bktl31JMb_default/index.min.js
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.29.115 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-115.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5a1a0a519cb15cecc9efbd15b874c91182855a6e05c25463c4df1d340519378d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: Yvtc5pwyEsQHFqEv4HmFfwGNLMIYxOl6
Content-Encoding: gzip
ETag: "57da8b7481dceb6901a7f4ae3f5bd5e7"
x-amz-request-id: 2XWJZKW72M0JJFKQ
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 210382
x-amz-id-2: EDxTkcUnZqRCY2g8c5ybeJE6gGLaaqDogHUdXNJCJV1QYOPTOKsiBEAqK+wgXQSxb/an2qQ0liU=
X-BCOV-Response-Mode: 1
X-Served-By: cache-lin2290022-LIN
Last-Modified: Mon, 06 Jul 2020 15:44:31 GMT
Server: AmazonS3
X-Timer: S1647033010.189414,VS0,VE747
Date: Sat, 30 Apr 2022 00:58:17 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=283
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 phone.svg
www.xeljanz.com/images/icons/ 2 KB
9 KB 99ms
91ms Image
image/svg+xml 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/icons/phone.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

84601ab6b87966dbd0deaa5b7b4e38e53c5a3e4307a90891ffcd91899670d386

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 23916
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: AWCHTHSAX9D7206J
x-amz-id-2: eCVmk4Eedt/iNNNX8dY2Kkn4UUsGmqidEg6WmF59UwQbZ7vNP02vth7BBnLE4kxoHNFWsB8Ooy8=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:07:59 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 18:19:40 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"cbb3c42eabdd28ca3f90141104565a43"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: -JMIt2xnFPZeAfGpnf79CgG5ZVjAwpcr1gOO-XAFT96Gp044woJ0Vw==

GET
H2 200 xelsource.svg
www.xeljanz.com/images/logo/ 4 KB
10 KB 101ms
94ms Image
image/svg+xml 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/logo/xelsource.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b20f3529722c0c0292f9b1e8281a98462f1b3513696b91dbe563004800dbb09c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 57608
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: 7SDXYGP03PE84CD8
x-amz-id-2: RCFudZlKnK+46j2VSLAOYD1wRMMbznFp5iBd2HQRmNJnIqV7/fiSadhMpiNsOuGWyISTXdlLCjA=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:08:11 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 08:58:08 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"04b22aced4189d107709888ea75fd0ff"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: SZDgB5Plji9BGFkKIJQAxpfPtm_YwIfEtr0-JKnlnoiXV6cYjn_RkQ==

GET
H2 200 script.js Show response
www.xeljanz.com/js/ 16 KB
11 KB 30ms
30ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/script.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1552df4ef4509e6fec20905e161a4c8fabf1b9ba78f8be007f8d034fd1e68df8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 75461
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: AJ93MWS1EW18BHHG
x-amz-id-2: +ZePptayNqwGLRSXx40bQkLi7UQpGMQ6Xl7DkUkEb0t3Vo2lFruEXI7XYg/aST1VueWlP/8ehG0=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:26 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:00:35 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"303236f86b85fa85a6f0f5c7f853c3f8"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: nOo9wmZIs8t9qPgv1HSuEyUhLkfr_y4lGzM_kdqG0XdmUypQIR4YMQ==

GET
H2 200 pagename.js Show response
www.xeljanz.com/js/ 7 KB
10 KB 34ms
22ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/pagename.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cdbec3ce90f5c4efc7f36125c98c52caf6f501594d0fdfb39c9b4b9f71048a4b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 73910
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: KWYE49QT5Z6XV3C1
x-amz-id-2: 7E45DSwx2Ok1ecDSi2EGrA9ibOhmv7Hei4AZcPGxkr9wDo4NVPFqemDqyw7yGu5v3hEXDwBQvFo=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:25 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:26:26 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"beb2e177ebb2c269b6b1937902d042ab"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: Xglz9fMUbLich7vPg3SsFjTrTn2SvkbjtZfRcR3aoHHI9BnVGTCqcg==

GET
H2 200 metakeys.js Show response
www.xeljanz.com/js/ 12 KB
10 KB 41ms
27ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/metakeys.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

573051fff252d1ec00104280810db24986fcb73b91d4ab22b18afb302fe46ed4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 81715
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: NCX6K40T51T27KFV
x-amz-id-2: AaX0e0IuztrS5iAZt7kgxx2I88OWJxlrQN6vnvOjgYtFVlcyeJace/kF2NFJ7d6Z5+Qo+/CbqGg=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:25 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 02:16:22 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"d15bbb05fdaed383a8d46ae089533863"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: Oj9g03rPQJhmGqy9W7IPiIgr1grPqAfTafO7nmUGLX5d3QXQxUZW6w==

GET
H2 200 referral_links.js Show response
www.xeljanz.com/js/ 84 B
8 KB 74ms
60ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/referral_links.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5d9a54202c86c83cd687217b8298dd1fba87c6be13fb91c5ad9db3b3abea035c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 85865
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: MHQ4RREQ5XCV8VWN
x-amz-id-2: Z0bzSifQjVIrlAZlAEcOzfS9+poUnoPG0c0p3pWeKnFgpgt/hApyxxOSoxZiV9ujaUXwVaFd0Lg=
accept-ranges: bytes
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:26 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 01:07:09 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
x-xss-protection: 1; mode=block
etag: "2e86734e4c876dc6ca632a0610440759"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
content-length: 84
x-edison-type: Lite
x-amz-cf-id: txz2PyZMYQbPJFCFXxyf2W6FYZahlHfCSbr0owoESvx0T-UMXyLVdw==

GET
H2 200 jquery.maphilight.min.js Show response
www.xeljanz.com/js/libraries/ 6 KB
11 KB 43ms
29ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/libraries/jquery.maphilight.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9d42b8247255c1d8fb1f549892431cb84dae9e98c7e6f60e7b7986115bbfebd4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 85867
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: QHTZXBR26NT1RPHJ
x-amz-id-2: GvdODrYLNh26/PCfBIc/9C2KPuVaKU2N4Qj3zDXrLjeXzWSiiU/8Dp9oeTl/1zWCDh0+qgHQ5+8=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:24 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 01:07:10 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"f3c1c94cdeb79c589e722fa73cfb1165"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: loe5wUUSvG6Pqygv4WhiMQ5LxR8Ax3WSyzxi0_lI0p4LFWpi18wgBQ==

GET
H2 200 jquery.uniform.js Show response
www.xeljanz.com/js/libraries/ 26 KB
15 KB 53ms
39ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/libraries/jquery.uniform.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a1bdd5ba0a903829d7604612ac3f76e8fba8a05c38b26704246064bcaf7ae355

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 81713
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: TRAKRPSAPN4TN3G1
x-amz-id-2: XpVet0GnmDIk8Inpxnzm3dKsMwF8bWRfllWRUeBQF8l7xio3E6vsH2NHfRLOQ+vpZ8T4AIGt7W0=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:24 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 02:16:23 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"1fae8e724967441a4404414c143d360b"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: SGD1D7zJMYU9_7lB0fCQ7FoxvXXAIm3SE-7u0f9jT5STv7S52XYp9Q==

GET
H2 200 savings-and-support.js Show response
www.xeljanz.com/js/ 2 KB
9 KB 46ms
32ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/savings-and-support.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7aff49f06daea1c31fb2f2b456c583ab4647b8c0b9b0766a2f53a54e0cd3028c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 18:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23718
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-amz-request-id: 0HVKAXMNHH3Y5GQ0
x-amz-id-2: cRc+XTAn+GDzhZsMgwhHCrJtFYm+YAWS4XeOgRAm8RNsCpYrbMAJqsNFUFrE5llolLKNLvprkjs=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:26 GMT
server: AmazonS3
etag: W/"f1cde4b7e1915c81b4f9cf1b679a56f9"
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: D8OKOEl_ROlrGhQ6nSGjn6E2E5cJt4-_K4YezKV2xliFHSIi3lzZDg==

GET
H2 200 SalesforceEmbeddedService.min.js Show response
www.xeljanz.com/js/chatbot/ 30 KB
16 KB 99ms
83ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/chatbot/SalesforceEmbeddedService.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

419505385add7c842f46f74fed8bce67cb2d852c45586d18518126f159114bb6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 75459
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: NA0ZH186DF0P9KA7
x-amz-id-2: pMNs88FWRVOHx16WNJYG3ngropdjHNc7VGlrXksSJdxNm0b5fOn9I6d7o+3iCGN1kME0pFPkZ9A=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:20 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:00:37 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"fcfdd86b5a11d71e0f819b4f9d7788eb"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: iEqmR8Ydihfz-h4uhmPSgPAXRsYb4bvKrANTEJnGyQfV36ed_GZcpw==

GET
H2 200 XeljanzEinsteinBot.min.js Show response
www.xeljanz.com/js/chatbot/ 982 B
9 KB 68ms
53ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/chatbot/XeljanzEinsteinBot.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c923fa9af7f7ce6c4bdce22e715f67744b79f0b2c4f0445272c79a121b5c91d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 81712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: SJA1WGYQR04MWN7H
x-amz-id-2: FRqbqLxg/TE7MMApU6ljxdzg+FE8Jo+GQp0rwhZs6B0EZIf630Sjp7Rgox9URMfK3CxN3HVqpig=
accept-ranges: bytes
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:20 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 02:16:24 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
x-xss-protection: 1; mode=block
etag: "bfa7a9d9a279690e715c8d05782921c6"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
content-length: 982
x-edison-type: Lite
x-amz-cf-id: FLHSE6is8Uk6VBlFxAgR4e9kwh2qzIeABs5iwhPME1d5CYOwwqpIaw==

GET
H2 200 XeljanzCustom-Styling.min.js Show response
www.xeljanz.com/js/chatbot/ 10 KB
11 KB 55ms
40ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/chatbot/XeljanzCustom-Styling.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1099704208d26d872003b0ca89cb426202d5544cbd2931c8271885a63b7fd382

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 73909
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: JD36RDVDKQEGRGTQ
x-amz-id-2: 3YsUdix+1m09lmbdGMV0AGXw0nOiYcMBvLxeE9w7XKEDIrhH9lswekNBXnuk6IBNpmv06a23Z2Q=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:20 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:26:28 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"0078c1b5ec818aab1edbc455f94eb3b7"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: v0xAc7SFkNDumYQoD-lyCQjzrx3nUtlt2Zjejc1hIHv4tDBykujUgA==

GET
H2 200 XeljanzEinsteinBot.min.css
www.xeljanz.com/css/chatbot/ 16 KB
11 KB 85ms
70ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/chatbot/XeljanzEinsteinBot.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

056a8ebc64755f2a644ce9f6b88f64f8d4e0e6c85ec29353be8af4264ed9946b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 85865
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: QHTZX2YRDECSZRF1
x-amz-id-2: J1WlQEiU+Gyi1I1rpDwDzv7uca7EEcwasdmT0Xne9HHQnLifi/iLuYwt0qTnYvXvVpJo1RfuSQE=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:29 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 01:07:10 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"c195fc11b6e3e4086cd81a5ff6a2f1d1"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: i_WpBxw5ZdICOxzQE8ktRwF-uoEnV0Ni813NLMKX3bWXfz1IG9f16Q==

GET
H2 200 isi-modal-icon.svg
www.xeljanz.com/images/icons/ 2 KB
9 KB 107ms
101ms Image
image/svg+xml 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/icons/isi-modal-icon.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8836fe9a3dfe27049df86d0d2115944176aa8ba177a60addbafd838842354157

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 72357
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: EJVPPG3KQZGPDFP2
x-amz-id-2: 1jftTmb8kOCYFpaXDgLNawztW0fbzaejC/KQOud9NP1qbR+BRNqhLU3S7IWH8WOwVLlGyoxN7xI=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:07:59 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:52:19 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"69437a1ab1fd569584e9875a3c74c348"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: UvX4lVDoFiRDaWmyj19saId_rrvDo0MLI9TcHXY0kqnmn7Gp4nSyNQ==

GET
H2 200 launch-cf7670f58ac3.min.js Show response
assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/ 58 KB
19 KB 164ms
30ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/launch-cf7670f58ac3.min.js
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7744d59242ace2af9d3e5da63335fabd752537e4587a285571c187cfd53caf82

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:16 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 15:07:34 GMT
server: AkamaiNetStorage
etag: "6ad26da14b941212b6c488701a5c2b8d:1608217654.22259"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 18954
expires: Sat, 30 Apr 2022 01:58:16 GMT

GET
H2 200 font_FSAlbert.js Show response
docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/ 5 KB
1 KB 123ms
2ms Script
application/javascript 108.157.4.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-27.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af772d00787070d3f3bd152d82659ed2c50b7a35c231df00983cb251b6d80609

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: eWEylXlrakW0hO2tYyl1.DzfmuvGTbfV
content-encoding: gzip
etag: "9de184ec34c0217d30a0ed4cbf855271"
age: 418559
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 929
last-modified: Wed, 16 Mar 2022 16:19:14 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: 0
date: Mon, 25 Apr 2022 04:45:13 GMT
content-type: application/javascript
via: 1.1 271c2e1e305f31b0f14837cad3c843b0.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: lwsa4UOLxHB4kzHa6bXzcNMXpzCsV_SGw145NZ0EZV_DC_64EZ4r4w==

GET
H2 200 lottie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bodymovin/5.5.9/ 245 KB
52 KB 28ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.5.9/lottie.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 46636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53063
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-3d54f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZ4Em5PA2B5n1si7rLXkiFxsREtcBWsRB70TWDi7CSb8oYrM%2F7TDs6YZW2ZNl4keTpjnpiQkuZcMhwlztnFBcMv%2Bmn6xH8m7gfr6yOIqacCCJFfUgQjjhRvInx%2Fce7p4rhuML%2F7U2Cv3Pl0E%2BTi1L2pX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 703c53fdbd7c9bfe-FRA
expires: Thu, 20 Apr 2023 00:58:16 GMT

GET
H2 200 tooltipster.min.js Show response
www.xeljanz.com/js/libraries/ 39 KB
18 KB 137ms
123ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/libraries/tooltipster.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f701eb02f2a4e86dab6abe79ace82d02a8d91dff08cfc794d042a45eb110e9b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 81712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: SJA8QBKCV3HACS0T
x-amz-id-2: Uy/KABVRfJktdVKMxeFl9UwsU68LsXxYTBIePhDDHR8AlBD5YSZV7AfR1yJJcWkLdWmrop3K73Q=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:25 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 02:16:24 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"3dc177e0513acd1c765d3b69ccb20765"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: hmHAwdU6EtQ45j8joPB4Maol3XIB4z6eNUUcj2Un04lDcw2gmubyYA==

GET
H2 200 tooltipster.min.css
www.xeljanz.com/css/libraries/ 6 KB
9 KB 58ms
44ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/libraries/tooltipster.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e624cebaf6719a404c296184b2b90deead0d68c0c87446a7c1834aab70abae5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 82461
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: KTEXJ8RD0Q2X5JN2
x-amz-id-2: vEO2M6YpluOhMKOqsHjf1qEKaA78LKNOdqT070BjkDRo0VpiZm9QLrFEUNkgzx9S92hdLuXNVcg=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:33 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 02:03:55 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"2bf51a8d2dd66393d99679b2bf54d76c"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: v2qmOdIaoAz8MrJBP43VI1nwxxqD_drJWoFOiTN72lgLb7VZK-2tfw==

GET
H2 200 menu.js Show response
www.xeljanz.com/js/ 5 KB
10 KB 95ms
81ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/menu.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

57c76dd9e213ac109a6bd0b4d682ac9002a054859fe409f1f9715a506901980f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 73908
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: S9J4B1SEF0WYXKW1
x-amz-id-2: qxij5dYJHAakjhveB7H21Huk1FK4rKIo7iXtmT6NHrfb69NzFwijw0e7/Gn+kBnHS6x+zUN5Ybo=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:25 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:26:28 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"72001982881bccf41d7abe44124eabfc"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: qZhqRPUJya8632ta1253aT5jP70F-8iXQsBM9wLnLKZ4g8UlTpPTyg==

GET
H2 200 mCustomScrollbar.min.css
www.xeljanz.com/css/libraries/ 42 KB
12 KB 56ms
42ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/libraries/mCustomScrollbar.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 82461
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: KTEY1BNF60K1K5ZZ
x-amz-id-2: DuN/QFYjhnzfrc+E6dx09YhNfs73CMTKQEP3Qa4HuiTdGeLZsCTTobll8uSHXQ76rHSTenUh/4Q=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:33 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 02:03:56 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"f59e3f4c0087b4d8ddc27bdd9c9ab92b"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: 25kRnz6Dr3ZUb1kQ5K6FvT5rP0sBZgQgK_mofbd8cPJU1kOAWeD2BQ==

GET
H2 200 bla8tfy.css
use.typekit.net/ 11 KB
1 KB 158ms
29ms Stylesheet
text/css 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/bla8tfy.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

bf30f21ee6c7d05c68726d17b7756e5acd16ec81db8d3fcdc04b777ebadbe9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Sat, 30 Apr 2022 00:58:16 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1232

GET
H2 200 uniform.default.css
www.xeljanz.com/css/libraries/ 10 KB
10 KB 82ms
68ms Stylesheet
text/css 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/css/libraries/uniform.default.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

01907f050af7af24649a0956fe68094a9a97c8d120bed0e135dad3da1df4b889

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 85865
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: QHTZC3AZ5AK11ZGF
x-amz-id-2: 5s4C4rlemwZBJOKtujeRwBciXLmxNQClso92l1utz0zEFQhzA0xzrgoqGlFcG42N9EMOvcuCkc8=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:33 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 01:07:10 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"c38919ae7262586767040145eccdeeed"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: rFaf6_CfjLwjDRPqq51a35OTIz6SdoTAePDBwvQL4uGgxyGfnu8oLg==

GET
H2 200 mCustomScrollbar.min.js Show response
www.xeljanz.com/js/libraries/ 39 KB
20 KB 113ms
99ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/libraries/mCustomScrollbar.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

00a1230e22b6af3f9df1348f2cd54dc9dbe026f3a41b9bde3009dcefd1648ae1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 85865
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: QHTWSQCY9TZA6SJ8
x-amz-id-2: XXZkrPSPTz2GwVJJoKTtFsEC3N/sWObQsUt8Vy6lWtvFrXqv9sCXpMiHwZELuSdvBUs0Jou9HMk=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:25 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 01:07:10 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"e3c66e39b9dc1c0d391d05a3e6dc53cf"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: s1aDjLPGWi5FNQUa2t-EvVf4OzfPbpR61KhCTgfdewqEnOEa17P0Nw==

GET
H2 200 parallax.min.js Show response
www.xeljanz.com/js/libraries/ 7 KB
10 KB 118ms
105ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/libraries/parallax.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

261aaa72df6476ca604b9142d56d5ffdc04e91d0e858c577796854d7872ace86

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 71026
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: 05GTF8K2RDF7VYNC
x-amz-id-2: LZpLfjgoHCyisiJ5u06tQo3eR7jvXQV5NuY9UD2HaEhq9xm859ZVr7Ln9LiEorS7A76eRzse+k4=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:25 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 05:14:28 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"ca13e0c8eee04011dfa63c97cbaf90e3"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: 2vGIlH2fsDIiSCNpOFesy1q-Nrp4KltZGFuafPLTsbqS0ZY9XCHvcQ==

GET
H2 200 analytics.js Show response
www.xeljanz.com/js/ 20 KB
12 KB 68ms
55ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6c82e1a431ea6a980a1e04dc53e5be414a0e90c255a404f0723cabccea4c36ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 81711
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: 87FWHPW3X07C1WSC
x-amz-id-2: 8pO1Jet+WrH6BbA8kXO9qsUAihmZgWk6IZHJGPPqJepvY7N7+wXEcWFsulQpT7VFNmYGycCStzQ=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:20 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 02:16:26 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"9d8534de88f1166f25fdfcc5911ecb9b"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: Op1GeLjT6qs8HXY-dFwBA0NZ9hEObVrZvUGU5PM-u__hdoaiomASxg==

GET
H2 200 analytics1.js Show response
www.xeljanz.com/js/ 24 KB
12 KB 165ms
151ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/analytics1.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ab9721a6b80de7e7c02e87ed0e74ec73599b13940c09bc08e9f663cf76f3b1b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 73908
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: ACB8N04AMRMFW16M
x-amz-id-2: 7IRni6VKpO0sTpuiPLev9im88ix/zek+eIfpj/8jc7vY8uk4waYxEc8uz3WR/uWBzvCB6hxMar0=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:20 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:26:28 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"93d6ae1d5b66cdb769b13871124d21cd"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: JZ1Byustfa25__8QF2O8qhgxyQAroFtJnXpUvkTRvMCrS5WbQnNQeg==

GET
H2 200 fullpage.js Show response
www.xeljanz.com/js/ 4 KB
9 KB 73ms
59ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/fullpage.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d04352fa2c3edaa588bc8850d5bdda5e22c01cda2b0f8afb21cdd530cc32191f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 73909
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: 6DTQNVRFXBRNKZH1
x-amz-id-2: hccng85T+02CKOto8q008xOQPlMZblD1td3UoFdMpQkpBEm2gKRaIcNumxU6EVOUNimOU/pwRJ4=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:22 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:26:28 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"b51424f0f74cc64beb0ff0e51661219e"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: GC2gG_rk08JVQKE1hlO_SiOMfY9HZKc3PFEvhToK_WlXZiAPv9huoQ==

GET
H2 200 isi.js Show response
www.xeljanz.com/js/ 29 KB
13 KB 174ms
161ms Script
application/javascript 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/js/isi.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0d8e95aaf936d65aa17592c30c25b7869a15c4718e469fcde9cb8e798a32f655

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 71029
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: 05GR1QYGW97Z6DYB
x-amz-id-2: sIPvIeAu6rt6bHeb1jD2xHFqnJDI0dzsDb3Wn+0I/xc2zuSId8vd3o2C5JmqtEWA5UlXSxQHQCQ=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:09:22 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 05:14:28 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"fcfaa3829aa48c7b32fbc4cd3e611037"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: kNl2ppaSRkg4vk5R1OJkV6SCvmCYSkEessre6cgKGo3GX_sByuKCUA==

OPTIONS
H2 200 getoken
api.xeljanz.com/quickauth/ Frame 0
0 1007ms
526ms Preflight
text/html 2606:4700:4400::ac40:9058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xeljanz.com/quickauth/getoken

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9058 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.xeljanz.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.xeljanz.com
age: 0
cache-control: no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 703c54009add91d1-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 00:58:17 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sun, 19 Nov 1978 05:00:00 GMT
server: cloudflare
vary: Accept-Encoding
via: varnish
x-ah-environment: prod
x-cache: MISS
x-content-type-options: nosniff
x-drupal-cache: MISS
x-frame-options: SAMEORIGIN
x-request-id: v-9f0493c4-c820-11ec-afee-9790100a98c5

POST
H2 200 getoken Show response
api.xeljanz.com/quickauth/ 1 KB
1 KB 489ms
489ms XHR
application/json 2606:4700:4400::ac40:9058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xeljanz.com/quickauth/getoken

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/js/libraries/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9058 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87ef0d0271833205647deef1806e3e427fb69a9b2bedd2e9b874cf2257d49830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 0
x-cache: MISS
x-ah-environment: prod
content-length: 822
x-request-id: v-9f5137a6-c820-11ec-90dc-77da038a04f6
access-control-allow-origin: https://www.xeljanz.com
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept,Accept-Encoding
content-type: application/json
via: varnish
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 703c5403edba91d1-FRA
x-drupal-cache: MISS
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 hotjar-527250.js Show response
static.hotjar.com/c/ 4 KB
2 KB 150ms
48ms Script
application/javascript 108.157.4.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-527250.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-118.dus51.r.cloudfront.net

Software

Resource Hash

bab6abf5cd5ef26a0ad478791ba9f1672606067cb573630222537826bcacc4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: DUS51-P2
etag: W/6155e3e7be4371797280d40d7bc2d95f
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: -tDAaK-MJngLpxY2GzLA-LAHUxQI1KeTTqbsSn5TuLC3BmHLGru_2Q==
via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)

GET
H3

200

savings-and-support Show response
3822016.fls.doubleclick.net/activityi;dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=... Frame EFBA
Redirect Chain

https://3822016.fls.doubleclick.net/activityi;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/sa...
https://3822016.fls.doubleclick.net/activityi;dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20...

786 B
581 B

77ms
43ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3822016.fls.doubleclick.net/activityi;dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9089888688523.594?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

408a8b91ed5b7022295e659b9664bfed75dbe41b0dfd591301f59f20812e8c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 556
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 00:58:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 00:58:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://3822016.fls.doubleclick.net/activityi;dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9089888688523.594?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

savings-and-support Show response
3822016.fls.doubleclick.net/activityi;dc_pre=CMrri7zKuvcCFR4fBgAdp_UGNg;src=3822016;type=xljnzmbd;cat=visit11;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;... Frame 4E33
Redirect Chain

https://3822016.fls.doubleclick.net/activityi;src=3822016;type=xljnzmbd;cat=visit11;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com...
https://3822016.fls.doubleclick.net/activityi;dc_pre=CMrri7zKuvcCFR4fBgAdp_UGNg;src=3822016;type=xljnzmbd;cat=visit11;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety...

795 B
586 B

51ms
25ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3822016.fls.doubleclick.net/activityi;dc_pre=CMrri7zKuvcCFR4fBgAdp_UGNg;src=3822016;type=xljnzmbd;cat=visit11;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=2506524537306.749?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

720856eb77027d32170a30abfc9284e6971bd3cb105897ca2fc88ae66522d6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 561
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 00:58:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 00:58:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://3822016.fls.doubleclick.net/activityi;dc_pre=CMrri7zKuvcCFR4fBgAdp_UGNg;src=3822016;type=xljnzmbd;cat=visit11;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=2506524537306.749?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 saving-support-desktop.jpg
www.xeljanz.com/images/banner/ 20 KB
28 KB 924ms
874ms Image
image/jpeg 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/banner/saving-support-desktop.jpg

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/css/savings-and-support.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0f1771e26cbbe3ca6214866b1c4a7314648d387ff41f83cc29564108a0bebfe2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/css/savings-and-support.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-request-id: FES5ZJ3BA295F58B
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 20182
x-amz-id-2: aXu5+WkaMX4Ap1L5yNUFr4KK9/zdHfGJUi+M5DR7lkM62T9nq5c4woB1SzxT6VQMbhFG2IEAHrQ=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:56 GMT
server: AmazonS3
date: Sat, 30 Apr 2022 00:58:18 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/jpeg
x-xss-protection: 1; mode=block
etag: "1e98f2ebf6be3b15e02c0e6df5a66476"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-edison-type: Lite
x-amz-cf-id: QUnLZYkG8rNPEGRqeON_mdNfPTpCmBUbCcQDn6COYPFVFZj6u-1wXQ==

GET
H2 200 header-utility-icon.svg
www.xeljanz.com/images/ 2 KB
9 KB 65ms
21ms Image
image/svg+xml 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/header-utility-icon.svg

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/css/header.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

efa0f726c5de7d329445d128c3f76c968eb53f121a1c3fd0420d62af77d6be38

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/css/header.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 74036
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: GVNGQ8S5NJQNX0E4
x-amz-id-2: Qg4LM+quDRWswnMkk+kT2jubs54mWlS5cvIZS7LRKiA5ubE9hLK9mJt1wt1r8kJeD8vvbMtuvKg=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:07:45 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:24:20 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"c07072c8ef9e0f18e8c0d3de584de313"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: kzRk0b2vvWt2C080V5wN-slwm5oVmAq_Ko-AW0TaLZ2RWT9pJ1bQpw==

GET
H2 200 arrow-icon-down.svg
www.xeljanz.com/images/ 1 KB
9 KB 80ms
36ms Image
image/svg+xml 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/arrow-icon-down.svg

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/css/header.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

03068f86db93fc5c26d79d9136cd1c9d36c6d385d99048e9103a5bc775f5d674

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/css/header.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 74036
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: 42EK4G2EGZBKHRY8
x-amz-id-2: /mKTtG7gseNelLGWM4gY9eZoGf6DnMU1AC3SoP0s3WMBz/DJXJZH7vv/rnUgLmv25DJOMHFM3DQ=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:47 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:24:20 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"ca3804c3db310386b376d8f416f1e571"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: YoqNMUXXgmJlUtzWiZI3LoB7n_h5Ea-j-zNgc6krHY_MFeb7P5uWuA==

GET
H2 200 icon-mail-sign-up.svg
www.xeljanz.com/images/ 964 B
9 KB 58ms
14ms Image
image/svg+xml 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/icon-mail-sign-up.svg

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/css/header.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dcebf8650b7415b13e348614e8c97395a7b4ee00de7ff87e9989ec4f77ec1f94

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/css/header.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 78518
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: 7503DZNX2HRFMCEH
x-amz-id-2: FgZOGheX3ymdRXl5ZZTtLad3klS2iSOJf4JjuiCKgkNK/gpRE1v7yLy4v4N1nKLNen1VxN1Lrwk=
accept-ranges: bytes
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:07:46 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 03:09:36 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
etag: "8a8e255f7a927c900e0103dcf1e24872"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
content-length: 964
x-edison-type: Lite
x-amz-cf-id: H66g53Pioo-15VfPTFCfmM-4EF9xj0-yWxydSUPn_KIFqU91xYap_A==

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 klavika_medium-webfont.woff2
www.xeljanz.com/fonts/ 21 KB
29 KB 63ms
19ms Font
binary/octet-stream 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/fonts/klavika_medium-webfont.woff2

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

58cdbe229108812a2f918d1d247f87ae19b558d9b8ffb51c88b9cd046d7bfe43

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.xeljanz.com/css/fonts.css
Origin: https://www.xeljanz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 77498
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: P4W1C56H464B7QTJ
x-amz-id-2: dVjKNFD63pIaX44b66SKJOC6oSlr/9K+H7OO4KmCzUvTSXQP2bWGejN2vT51l+AqFciyJMFL3Ro=
accept-ranges: bytes
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:43 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 03:26:38 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: binary/octet-stream
x-xss-protection: 1; mode=block
etag: "c257fe60beb6c1c26305aefbfbd1cfba"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
content-length: 21680
x-edison-type: Lite
x-amz-cf-id: dlTXqNf2yscWBcNH6_TTqMRdUFMg2advJGLBpgqOFj6L7m1TeC-9VA==

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ 363 KB
144 KB 83ms
19ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d516e4641028e8ff59509eb5609cdcb2b296b9aa23020468930226e37f3f4561

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://www.xeljanz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 16:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146779
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 04:02:19 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 16:48:39 GMT

GET
H2 200 modules.baa1e9f436cbc137492e.js Show response
script.hotjar.com/ 237 KB
62 KB 38ms
15ms Script
application/javascript 108.157.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.baa1e9f436cbc137492e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-527250.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-122.dus51.r.cloudfront.net

Software

Resource Hash

d8db4c66148c36a801d2f9722adb309d34a5019fb6cb6bb175d538d1074fd7fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 08:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59650
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63202
access-control-allow-origin: *
last-modified: Fri, 29 Apr 2022 08:23:12 GMT
etag: "15b72241c4d0c1988e9485c14fe22a5e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: hoxAOOK3GOwkXneIn_dZ_Fre5dM7ZKK0TlWwwGE540q-Bwf0wwujqw==

GET
H2 200 savings-and-support Show response
adservice.google.com/ddm/fls/i/dc_pre=CMrri7zKuvcCFR4fBgAdp_UGNg;src=3822016;type=xljnzmbd;cat=visit11;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=http... Frame 17AC 794 B
631 B 113ms
57ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMrri7zKuvcCFR4fBgAdp_UGNg;src=3822016;type=xljnzmbd;cat=visit11;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=2506524537306.749

Requested by

Host: 3822016.fls.doubleclick.net
URL: https://3822016.fls.doubleclick.net/activityi;dc_pre=CMrri7zKuvcCFR4fBgAdp_UGNg;src=3822016;type=xljnzmbd;cat=visit11;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=2506524537306.749?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e31d09cce730b8067e4d9569a3cb3670d904624f03deb0146282e85342a180c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3822016.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 561
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 00:58:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 savings-and-support Show response
adservice.google.com/ddm/fls/i/dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https:/... Frame FB62 785 B
1 KB 83ms
56ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9089888688523.594

Requested by

Host: 3822016.fls.doubleclick.net
URL: https://3822016.fls.doubleclick.net/activityi;dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9089888688523.594?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6c008a30a9cc3a76174ce72d2afedf393413a2cb4c855410f57b8603ea60fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3822016.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 556
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 00:58:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

savings-and-support Show response
3822016.fls.doubleclick.net/ddm/fls/r/dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=... Frame BBFE
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=...
https://3822016.fls.doubleclick.net/ddm/fls/r/dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20...

3 KB
1 KB

25ms
25ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3822016.fls.doubleclick.net/ddm/fls/r/dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9089888688523.594

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9089888688523.594

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

d9150d95cb343cd724bf29ec6754645e7fe78e79781feb33b6be75f538744617

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1369
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 00:58:17 GMT
expires: Sat, 30 Apr 2022 00:58:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 00:58:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://3822016.fls.doubleclick.net/ddm/fls/r/dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9089888688523.594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 savings-and-support Show response
adservice.google.de/ddm/fls/i/dc_pre=CMrri7zKuvcCFR4fBgAdp_UGNg;src=3822016;type=xljnzmbd;cat=visit11;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https... Frame 6FA2 194 B
287 B 141ms
62ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CMrri7zKuvcCFR4fBgAdp_UGNg;src=3822016;type=xljnzmbd;cat=visit11;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=2506524537306.749

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMrri7zKuvcCFR4fBgAdp_UGNg;src=3822016;type=xljnzmbd;cat=visit11;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=2506524537306.749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 00:58:17 GMT
expires: Sat, 30 Apr 2022 00:58:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

src=3822016;dc_pre=CI6zp7zKuvcCFe6csgodqOoAxw;type=xljnzmbd;cat=visit11;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1;num=9999192256772.432
adservice.google.com/ddm/fls/z/ Frame BBFE
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=3822016;type=xljnzmbd;cat=visit11;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1;num=9999192256772.432?
https://ad.doubleclick.net/ddm/activity/src=3822016;dc_pre=CI6zp7zKuvcCFe6csgodqOoAxw;type=xljnzmbd;cat=visit11;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord...
https://adservice.google.com/ddm/fls/z/src=3822016;dc_pre=CI6zp7zKuvcCFe6csgodqOoAxw;type=xljnzmbd;cat=visit11;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=...

42 B
63 B

79ms
51ms

Image
image/gif

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=3822016;dc_pre=CI6zp7zKuvcCFe6csgodqOoAxw;type=xljnzmbd;cat=visit11;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1;num=9999192256772.432

Requested by

Host: 3822016.fls.doubleclick.net
URL: https://3822016.fls.doubleclick.net/ddm/fls/r/dc_pre=CMKni7zKuvcCFcshBgAd98kCfA;src=3822016;type=xljnzmbd;cat=u1pv;u1=Savings%20And%20Support%20%7C%20XELJANZ%C2%AE%20(tofacitinib)%20%7C%20Safety%20Info;u3=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment;u4=RA;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9089888688523.594

Protocol

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3822016.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 00:58:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Apr 2022 00:58:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=3822016;dc_pre=CI6zp7zKuvcCFe6csgodqOoAxw;type=xljnzmbd;cat=visit11;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=1;num=9999192256772.432
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame BBFE 99 KB
27 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3822016.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: UdYvCZh1sKN3tVNQafHDmIZhY0XiEuxF1xapVpmCqIeqac5iVPnP1aAFqE/fogg+w5fcGU1RhUPr+HckMH17kg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 30 Apr 2022 00:58:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame BBFE 15 KB
6 KB 58ms
20ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3822016.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:56:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: 79NW47W2DD20S86W
x-amz-id-2: wf9W3gafuoPyih33FpAxRT18FBzxRBrpkViMv09+6s90XehQgKwlak5nkFwGufpK0AF4g646uLM=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 1353340774728905 Show response
connect.facebook.net/signals/config/ Frame BBFE 39 KB
10 KB 51ms
42ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1353340774728905?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc66411d5f8df9b8e21d0ddaed383153575d89601f75417a048a0cf7bb589311

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3822016.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: y+PfCAimQZRs12TLzFpkzSlgqVoQQ+G40nEyaf/y2w/Udncs89qMn9HPq63u3TUD7xOesM/O+8eAzZErrIqGUA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 30 Apr 2022 00:58:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651280297244
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 10127051.json Show response
s.yimg.com/wi/config/ Frame BBFE 2 B
482 B 439ms
399ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10127051.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3822016.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: FQ9P5HGD86HD6A84
x-amz-id-2: sD0r1Qxji9ScL2famXTNUtShHqqLtpPrnr3A4K4y7LsjHvhFuoqeS3PcPYtIax/9tPsojdh3aJI=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 /
www.facebook.com/tr/ Frame BBFE 44 B
297 B 23ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1353340774728905&ev=PageView&dl=https%3A%2F%2F3822016.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMKni7zKuvcCFcshBgAd98kCfA%3Bsrc%3D3822016%3Btype%3Dxljnzmbd%3Bcat%3Du1pv%3Bu1%3DSavings%2520And%2520Support%2520%257C%2520XELJANZ%25C2%25AE%2520(tofacitinib)%2520%257C%2520Safety%2520Info%3Bu3%3Dhttps%3A%2F%2Fwww.xeljanz.com%2Fsavings-and-support%3Find%3Dra%26src_code%3DXELW10027325%26utm_source%3Dpfizer%26utm_medium%3Dvanity%26utm_campaign%3Dcrmstream%26utm_term%3Dsupport.xeljanz.com%26utm_content%3Dconversion3openenrollment%3Bu4%3DRA%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bord%3D9089888688523.594&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1651280297258&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=28&it=1651280297195&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3822016.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sat, 30 Apr 2022 00:58:17 GMT

OPTIONS
H2 200 6297405235001
edge.api.brightcove.com/playback/v1/accounts/1852113022001/videos/ Frame 0
0 48ms
7ms Preflight 151.101.194.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/1852113022001/videos/6297405235001
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://www.xeljanz.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
bcov-debug-cache-stats: unknown
bcov-instance: unknown
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Sat, 30 Apr 2022 00:58:17 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-amz-cf-id: unknown
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra19154-FRA
x-timer: S1651280298.537607,VS0,VE0

GET
H2 200 vtt.global.min.js Show response
vjs.zencdn.net/vttjs/0.12.5/ 20 KB
7 KB 30ms
6ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/1852113022001/Bktl31JMb_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:17 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2017 21:04:55 GMT
etag: "f30dac97e5c2aaa10a7695b93cc66699"
x-served-by: cache-fra19180-FRA
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 7231
x-cache-hits: 227646

GET
H2 200 telemedicine-savings-video-play-circle.png
www.xeljanz.com/images/telemedicine-images/ 3 KB
11 KB 28ms
28ms Image
image/png 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/telemedicine-images/telemedicine-savings-video-play-circle.png

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/css/telemedicine/telemedicine-saving-support-video.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6144ced21a51b4eaffa8cfcc9a5adb5a70fdda7b9f06505eb61119a40e52852e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/css/telemedicine/telemedicine-saving-support-video.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 23714
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: AWCHAZ6YZSCPSKP0
x-amz-id-2: hO0W9+fKa6qnUMdEZ2gxdD38U8mup61NvlqP8T0asiI279J1ddJZrcV+Qek26a/go82RJ3WnzQQ=
accept-ranges: bytes
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:08:45 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 18:23:04 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/png
x-xss-protection: 1; mode=block
etag: "7c26c4f54bc693d77bef26f910203031"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
content-length: 2820
x-edison-type: Lite
x-amz-cf-id: l8zJE4iUsS3Mhzb-7xqTNGEfdGllTcKGJ2ATzvh8d5yVppYTlHf4Mw==

GET
H2 200 6297405235001 Show response
edge.api.brightcove.com/playback/v1/accounts/1852113022001/videos/ 3 KB
3 KB 257ms
256ms XHR
application/json 151.101.194.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/1852113022001/videos/6297405235001
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/1852113022001/Bktl31JMb_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 75a5c6db418eb6578695a17508329d29ba8d9fb0e09e14118fc9a5611e2b01c6

Request headers

Accept: application/json;pk=BCpkADawqM28Lld0XpcOG31EHcf6eWjrQOOpiwnFBZmjHz7cFF4iPjst9gvCskzPZI-AlehXGjthmKJ-7FX5BQuihun26ZwKiQ1drJGK9MHzwCCq8u3MNy17z9jhIDigusZqR-tVt6kK19aF
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

bc-override-client-ip: 178.162.209.132
date: Sat, 30 Apr 2022 00:58:17 GMT
powered-from: eu-central-1c
bcov-request-id: 622d805d-fe21-474a-9867-00deabdde92f
age: 0
policy-key-accountid: 1852113022001
x-cache: MISS
access-control-allow-origin: *
powered-by: BC
content-length: 2926
x-served-by: cache-fra19154-FRA
bcov-instance: unknown
policy-key-raw: BCpkADawqM28Lld0XpcOG31EHcf6eWjrQOOpiwnFBZmjHz7cFF4iPjst9gvCskzPZI-AlehXGjthmKJ-7FX5BQuihun26ZwKiQ1drJGK9MHzwCCq8u3MNy17z9jhIDigusZqR-tVt6kK19aF
x-timer: S1651280298.545581,VS0,VE250
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
bcov-debug-cache-stats: unknown
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-amz-cf-id: unknown
x-cache-hits: 0

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 68ms
21ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Sat, 30 Apr 2022 00:58:17 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
207 B 67ms
20ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Sat, 30 Apr 2022 00:58:17 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
BLOB 206
Partial Content 83ec0553-67b2-4fec-9f19-cabc768af928
https://www.xeljanz.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.xeljanz.com/83ec0553-67b2-4fec-9f19-cabc768af928
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 5c5d1e89-e8c7-4c19-a596-a864cb630fd9
https://www.xeljanz.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.xeljanz.com/5c5d1e89-e8c7-4c19-a596-a864cb630fd9
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content cfd647a8-35aa-415a-8617-623a72198648
https://www.xeljanz.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.xeljanz.com/cfd647a8-35aa-415a-8617-623a72198648
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content cfae2695-db86-4081-97a8-2b4dac654de0
https://www.xeljanz.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.xeljanz.com/cfae2695-db86-4081-97a8-2b4dac654de0
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 200
OK 719f03b3-0e49-4f25-8db8-16cfa6d63b08
https://www.xeljanz.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.xeljanz.com/719f03b3-0e49-4f25-8db8-16cfa6d63b08
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1 200
OK common.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 5 KB
2 KB 114ms
22ms Script
application/x-javascript 161.71.1.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/common.min.js

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/js/chatbot/SalesforceEmbeddedService.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 23:06:21 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 23:57:30 GMT
Age: 6716
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 1918
X-XSS-Protection: 1; mode=block
Expires: Sat, 30 Apr 2022 23:06:21 GMT

GET
H2 200 fa-chevron-right.svg
www.xeljanz.com/images/icons/ 704 B
9 KB 27ms
27ms Image
image/svg+xml 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/icons/fa-chevron-right.svg

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/css/common.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2285ac53c247c9e2fba98e8e6d72c66a513ea769f99774b0a7faf2f590649a10

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/css/common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 72140
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: 05GT0T9D51KTACCW
x-amz-id-2: rWQp6BxLlGSgBA7n4NKfsRi2VIG6VWqfVWSRHtFMgk1pArLn0QhYwHdrfyEsgzGcnBWJo3CNlak=
accept-ranges: bytes
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:07:54 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 04:55:58 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
etag: "10f3f07181ecbb9c8d96bce16c9e6199"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
content-length: 704
x-edison-type: Lite
x-amz-cf-id: NmxbGwJikV-75jRrAyLiUgukNcGTRA23Hbu62_zPvNAnH3t4tNfGiw==

GET
H2 200 klavika_regular-webfont.woff2
www.xeljanz.com/fonts/ 21 KB
29 KB 167ms
166ms Font
binary/octet-stream 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/fonts/klavika_regular-webfont.woff2

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bfa096868388ea7a452b5d1ae748cb0c78df85d7b87516d58c8ca20eaa62da4b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.xeljanz.com/css/fonts.css
Origin: https://www.xeljanz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 81693
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: NHZK26JV3T40QQN7
x-amz-id-2: FbCHXJEa4d6FaHvlmYJhwePec1PlJ7lK0U3WD49sndq6ElLOnZQdjsUJBLNH1Q7ldGst1suA+Ss=
accept-ranges: bytes
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:44 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 02:16:45 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: binary/octet-stream
x-xss-protection: 1; mode=block
etag: "7c3ec34eb48440952d33444e8a42ca9d"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
content-length: 21352
x-edison-type: Lite
x-amz-cf-id: gWyxCy3siP34s4bdcCkzQuWhPZJjH-K0bWXBWkh-nbVvoJ2M8JX8Kg==

GET
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 22ms
22ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=aedc93e4ffa7eb1d81bb79a0&account=1852113022001&destination=https%3A%2F%2Fwww.xeljanz.com%2Fsavings-and-support%3Find%3Dra%26src_code%3DXELW10027325%26utm_source%3Dpfizer%26utm_medium%3Dvanity%26utm_campaign%3Dcrmstream%26utm_term%3Dsupport.xeljanz.com%26utm_content%3Dconversion3openenrollment&platform_version=6.42.5&player=players.brightcove.com%2F1852113022001%2FBktl31JMb_default&player_name=Brightcove%20Default%20Player%20Ra.xeljanz.com%20Desktop&source=&usage=bcPlaylistUi&usage=bcPlaylistUi-vert&usage=inpage-embed&event=player_load&time=1651280297543&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=11200000&qos.performance.memory.totalJSHeapSize=14300000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=0&qos.performance.timing.loadEventStart=0&qos.performance.timing.domComplete=0&qos.performance.timing.domContentLoadedEventEnd=0&qos.performance.timing.domContentLoadedEventStart=0&qos.performance.timing.domInteractive=0&qos.performance.timing.domLoading=1651280296355&qos.performance.timing.responseEnd=1651280296351&qos.performance.timing.responseStart=1651280296349&qos.performance.timing.requestStart=1651280296319&qos.performance.timing.secureConnectionStart=1651280296304&qos.performance.timing.connectEnd=1651280296318&qos.performance.timing.connectStart=1651280296295&qos.performance.timing.domainLookupEnd=1651280296295&qos.performance.timing.domainLookupStart=1651280294829&qos.performance.timing.fetchStart=1651280294828&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1651280293885&qos.player.dimensions=%5B%5B1651280297542%2C%220x0%22%2C%22512x289%22%5D%5D&qos.player.pixelratio=%5B%5B1651280297542%2C1%5D%5D&qos.player.screendimensions=%5B%5B1651280297542%2C%221600x1200%22%5D%5D&seq=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Sat, 30 Apr 2022 00:58:17 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK pf_appmeasurement.js Show response
s3.amazonaws.com/pfe_im/js/prod/pcc/ 260 KB
66 KB 411ms
119ms Script
application/javascript 54.231.162.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/pfe_im/js/prod/pcc/pf_appmeasurement.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/launch-cf7670f58ac3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.162.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ea3428983ec9462ead4bf948fdfe980b9727eb4bbc4a0fa69d97908e4d81d71

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-amz-server-side-encryption: AES256
Date: Sat, 30 Apr 2022 00:58:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Apr 2022 11:36:12 GMT
Server: AmazonS3
x-amz-request-id: FQ9G19QF5GDVSHVA
ETag: "52239592dbc8e0624e991e1d86429087"
x-amz-version-id: iELqN1HGjCIVpxxpbZ8Krn6VccaLvQE_
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 67009
x-amz-id-2: HVAvikUlU+fgW/nMmTwZK7CekNxiYo621RIWWtJX0k5knvBVJ31RBKl4UR3L/K7bAJtasSOT+d4=

GET
H2 200 klavika_bold-webfont.woff2
www.xeljanz.com/fonts/ 21 KB
29 KB 28ms
27ms Font
binary/octet-stream 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.xeljanz.com/fonts/klavika_bold-webfont.woff2

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aee767905b68ea3f552f045d11ce1ff1eba17ddd3dbf334c044ea7539f6fa030

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.xeljanz.com/css/fonts.css
Origin: https://www.xeljanz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 77497
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: M94VWGYFJ9CJZXHZ
x-amz-id-2: +Q58Qci07hSMfLXR1gewe8xXQrb1qhvD5KQJ1zn6I2J04Bcau8IG1B7MERCzmGw+2kt9Y60sGhY=
accept-ranges: bytes
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:06:41 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 03:26:41 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: binary/octet-stream
x-xss-protection: 1; mode=block
etag: "3964024b5c3fcb06d62d14bdb4640cc2"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
content-length: 21372
x-edison-type: Lite
x-amz-cf-id: e2CD_L5LheHhGzRy3v9nBQ_Fws37RwG8nuNnF5aGIVPw1mOcKY2ixg==

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ 9 KB
4 KB 25ms
25ms Stylesheet
text/css 161.71.1.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/js/chatbot/SalesforceEmbeddedService.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 00:43:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 27 Aug 2021 14:11:56 GMT
Age: 882
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 4027
X-XSS-Protection: 1; mode=block
Expires: Sun, 01 May 2022 00:43:35 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 20 KB
6 KB 45ms
20ms Script
application/x-javascript 161.71.1.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/js/chatbot/SalesforceEmbeddedService.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

978838ebb9190a3520eb9f10b8d97d50cf9bbb0a62819d5afc69180254751133

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 23:06:26 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 17 Feb 2022 19:09:22 GMT
Age: 6711
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 5778
X-XSS-Protection: 1; mode=block
Expires: Sat, 30 Apr 2022 23:06:26 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame BBFE 43 B
633 B 95ms
32ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2030%20Apr%202022%2000%3A58%3A17%20GMT&n=0&.yp=10127051&f=https%3A%2F%2F3822016.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMKni7zKuvcCFcshBgAd98kCfA%3Bsrc%3D3822016%3Btype%3Dxljnzmbd%3Bcat%3Du1pv%3Bu1%3DSavings%2520And%2520Support%2520%257C%2520XELJANZ%25C2%25AE%2520(tofacitinib)%2520%257C%2520Safety%2520Info%3Bu3%3Dhttps%3A%2F%2Fwww.xeljanz.com%2Fsavings-and-support%3Find%3Dra%26src_code%3DXELW10027325%26utm_source%3Dpfizer%26utm_medium%3Dvanity%26utm_campaign%3Dcrmstream%26utm_term%3Dsupport.xeljanz.com%26utm_content%3Dconversion3openenrollment%3Bu4%3DRA%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bord%3D9089888688523.594&e=https%3A%2F%2Fadservice.google.com%2F&enc=UTF-8&yv=1.12.0&isIframe=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3822016.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 00:58:17 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Sat, 30 Apr 2022 00:58:17 GMT

GET
H3 200 tracker
metrics.brightcove.com/v2/ 35 B
49 B 48ms
22ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Sat, 30 Apr 2022 00:58:17 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/b6d770dd-f5bf-4e50-9f54-55a156be5cc1/10s/ 7 KB
7 KB 60ms
51ms XHR
application/x-mpegurl 151.101.194.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/b6d770dd-f5bf-4e50-9f54-55a156be5cc1/10s/master.m3u8?fastly_token=NjQ0ZGQwYjRfYjQwY2MwYTExNjU1NTJiMzYzNzhhNWNlZmM2ZWQ4OTRhY2EzYmJmODY3YTNkOTg2NWQxOTU3NDk5ZDdjMDlhMw%3D%3D
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/1852113022001/Bktl31JMb_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: b227db3465567dcb9cb4cbf2b16ceb31685d02bfeb2950e91d692649f98df228

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:17 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
x-bolt-device-group: desktop-chrome
content-length: 7261
x-served-by: cache-fra19154-FRA
x-device-group: desktop-chrome
x-timer: S1651280298.823224,VS0,VE45
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=15770000, max-age=15770000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
BLOB 200
OK 796b2161-1221-49ef-bf66-5a87185fd7e2
https://www.xeljanz.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.xeljanz.com/796b2161-1221-49ef-bf66-5a87185fd7e2
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6cf001d2139c7b8e8ad3b28f6aee37fe46c9fa0ceed880a75a73f9c6cf52125

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 5922
Content-Type: application/javascript

GET
H3 200 tracker
metrics.brightcove.com/v2/ 35 B
49 B 30ms
22ms Image
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Sat, 30 Apr 2022 00:58:17 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/b6d770dd-f5bf-4e50-9f54-55a156be5cc1/24451f0b-1d71-473a-8f80-dc57434692f1/10s/ 5 KB
5 KB 89ms
89ms XHR
application/x-mpegurl 151.101.194.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/b6d770dd-f5bf-4e50-9f54-55a156be5cc1/24451f0b-1d71-473a-8f80-dc57434692f1/10s/rendition.m3u8?fastly_token=NjQ0ZGQwYjRfYjQ4OGQ1NTY4M2UzMTllMTNhOGU5NDg0Mzk4MDI5YWNmZjJlODZiYjEyMDE5NWIwNTJmMmFiM2M0ODY2Y2NkMg%3D%3D
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/1852113022001/Bktl31JMb_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 57cf1be1f2301637b004d3555b0f233f4bcde37ce6d6558c0fbd16d7377505b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:17 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 4955
x-served-by: cache-fra19154-FRA
x-device-group: desktop-chrome
x-timer: S1651280298.885873,VS0,VE82
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=15770000, max-age=15770000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/b6d770dd-f5bf-4e50-9f54-55a156be5cc1/75dc596c-c878-4630-b65c-0ff33c15347e/10s/ 5 KB
5 KB 98ms
97ms XHR
application/x-mpegurl 151.101.194.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/b6d770dd-f5bf-4e50-9f54-55a156be5cc1/75dc596c-c878-4630-b65c-0ff33c15347e/10s/rendition.m3u8?fastly_token=NjQ0ZGQwYjRfZTZlZDI1ZDgyODBiZGUyZjU0N2NhMDEwNWI4MDc3NDJiZjJjMDBjM2U4ZTVmNWFjNmQzYjBjMGRlYTliZmRmZg%3D%3D
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/1852113022001/Bktl31JMb_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: ff1a4a6dca1880dc7e93d1b0a3c218224e4cfdd9e444c429d0b53e1ff4c4034b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 4947
x-served-by: cache-fra19154-FRA
x-device-group: desktop-chrome
x-timer: S1651280298.980223,VS0,VE86
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=15770000, max-age=15770000
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
BLOB 200
OK a0c8194d-8a96-46b9-b955-057a1c1924da
https://www.xeljanz.com/ 57 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.xeljanz.com/a0c8194d-8a96-46b9-b955-057a1c1924da
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9600506988c16b3c8852d74d84dce49f1d7c0a2b1a9920848b5ce6e797247832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 58236
Content-Type: application/javascript

GET
H2 200 segment0.ts Show response
house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/1852113022001/b6d770dd-f5bf-4e50-9f54-55a156be5cc1/24451f0b-1d71-473a-8f80-dc57434692f1/5x/ 893 KB
894 KB 51ms
9ms XHR
video/mp2t 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/1852113022001/b6d770dd-f5bf-4e50-9f54-55a156be5cc1/24451f0b-1d71-473a-8f80-dc57434692f1/5x/segment0.ts?fastly_token=NjQ0ZGQwYjRfZjU5NTEyYmQ0YTk0ODNiZGEyMWZmZDAxMTdkNTJlM2MyNDQyMzU0NTQ1ZDVjZDkyNzA3NzkwZjAyMDY2ZmJjOV8vL2hvdXNlLWZhc3RseS1zaWduZWQtZXUtd2VzdC0xLXByb2QuYnJpZ2h0Y292ZWNkbi5jb20vbWVkaWEvdjEvaGxzL3Y0L2NsZWFyLzE4NTIxMTMwMjIwMDEvYjZkNzcwZGQtZjViZi00ZTUwLTlmNTQtNTVhMTU2YmU1Y2MxLzI0NDUxZjBiLTFkNzEtNDczYS04ZjgwLWRjNTc0MzQ2OTJmMS8%3D
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/1852113022001/Bktl31JMb_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 63036a27b1c5b8f27f56206c216961d9fe7dbc6ff1dcd5660b5469439735ac72

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
via: 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront), 1.1 varnish
age: 118748
x-powered-by: BC
x-cache: Miss from cloudfront, HIT
backend-ip: 18.66.121.209
content-length: 914808
x-served-by: cache-hhn4064-HHN
expires: Fri, 28 Apr 2023 15:59:09 GMT
last-modified: Fri, 01 Jan 2016 00:00:00 GMT
x-timer: S1651280298.030823,VS0,VE3
x-powered-from: gantry
etag: "5ade5e27d234a9edcf761951a913195c"
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-amz-cf-id: Q0eZdXZr-ZInOAzoCiiCjMqPcE0ujov-kJosMMrL_0kWCVnnwJVmcA==
x-cache-hits: 1

GET
BLOB 200
OK dfd402b4-e9e2-4d84-8b9e-a4eae4b19a92
https://www.xeljanz.com/ 57 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.xeljanz.com/dfd402b4-e9e2-4d84-8b9e-a4eae4b19a92
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9600506988c16b3c8852d74d84dce49f1d7c0a2b1a9920848b5ce6e797247832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 58236
Content-Type: application/javascript

GET
H2 200 segment0.ts Show response
house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/1852113022001/b6d770dd-f5bf-4e50-9f54-55a156be5cc1/75dc596c-c878-4630-b65c-0ff33c15347e/5x/ 224 KB
224 KB 9ms
9ms XHR
video/mp2t 2a04:4e42:1b::539
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/1852113022001/b6d770dd-f5bf-4e50-9f54-55a156be5cc1/75dc596c-c878-4630-b65c-0ff33c15347e/5x/segment0.ts?fastly_token=NjQ0ZGQwYjVfYjczYjk0MzdiODQ1YmY4MDI5YWQ0NjRkMWYwODI1MWJlOWU5NmY1MmEyM2MyM2I2MjhlOTQ2OTFhM2NmODY5NF8vL2hvdXNlLWZhc3RseS1zaWduZWQtZXUtd2VzdC0xLXByb2QuYnJpZ2h0Y292ZWNkbi5jb20vbWVkaWEvdjEvaGxzL3Y0L2NsZWFyLzE4NTIxMTMwMjIwMDEvYjZkNzcwZGQtZjViZi00ZTUwLTlmNTQtNTVhMTU2YmU1Y2MxLzc1ZGM1OTZjLWM4NzgtNDYzMC1iNjVjLTBmZjMzYzE1MzQ3ZS8%3D
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/1852113022001/Bktl31JMb_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::539 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 35e2741f78bb4fee3e9750bb1ed5624aa412ba1e5dc17d7d0bbe4c51c0a50912

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront), 1.1 varnish
age: 918354
x-powered-by: BC
x-cache: Miss from cloudfront, HIT
backend-ip: 143.204.101.98
content-length: 228984
x-served-by: cache-hhn4064-HHN
expires: Wed, 19 Apr 2023 09:52:23 GMT
last-modified: Fri, 01 Jan 2016 00:00:00 GMT
x-timer: S1651280298.099405,VS0,VE2
x-powered-from: gantry
etag: "bc78b26985fbb558ab0c2b3de4b0ef9b"
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-amz-cf-id: 0XgdlXls3G7nC8umUZ5W49OXqqBGSVuh5yubfCTL0_61aTuidygsGQ==
x-cache-hits: 1

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 59ms
7ms Stylesheet
text/css 2a02:26f0:f7::5c7b:e01b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=bla8tfy&ht=tk&f=6844.6846.6848.6849.6851.6852.14541.14542.14543.14544.14545.14546.14547.14548.14549.14550&a=1351187&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bla8tfy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e01b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H3 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 3 KB
2 KB 17ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/js/libraries/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1046
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umanimzpEkq5XBIKBl4y7ESyarePBuGeSlj9sAyy9KH9vOEbp53%2F2sM9zQMd8vJJwPbpgIPi2hjtvo%2F8f2bKhhAkcZ6voF7P17mu0IIXREg6M2%2BRnt7fEZ7SrWCAz0Se3zUFxhPXuP55ulZPLs9s78iM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 703c54081dde5b7a-FRA
expires: Thu, 20 Apr 2023 00:58:18 GMT

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ 64 KB
17 KB 54ms
7ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f284bd08570044c245ac95d65dac3de113c9e5bba507dfa7ebce0a6a06af4e2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 19:13:01 GMT
server: AkamaiNetStorage
etag: "c64d20d9ef120815180d3ea83b12ce94:1649272380.921601"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 16972
expires: Mon, 02 May 2022 00:58:18 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 252 B
459 B 58ms
11ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:46:45 GMT
server: AkamaiNetStorage
etag: "61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 174

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/2025/ 112 KB
6 KB 58ms
12ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/2025/snthemes.js
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b7cf145e0ca3254b4d15d8e52d08c07f31b0ef4e70b3fbabb193e69a0fe18fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 10:44:41 GMT
server: AkamaiNetStorage
etag: "8ab7fe2f76700083a03bbcf02c9eb232:1646909080.964545"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 5558
expires: Mon, 02 May 2022 00:58:18 GMT

GET
H2 200 settings.js Show response
c.evidon.com/sitenotice/2025/xeljanz/ 2 KB
1 KB 60ms
13ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/2025/xeljanz/settings.js
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dfe0e4a69c33664fe4196435fc16002b23e0ea8824d162834364d762ffb20f37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 21:03:17 GMT
server: AkamaiNetStorage
etag: "e951688f35416656430d055065e3f677:1649710997.687732"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 813
expires: Mon, 02 May 2022 00:58:18 GMT

GET
H2 200 l
use.typekit.net/af/f18587/00000000000000007735a07a/30/ 17 KB
18 KB 33ms
8ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f18587/00000000000000007735a07a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bla8tfy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c70be61ebf5ebc5fb158df7bcc05e1a645c16c863901eb8487fc3d14d2ac801a

Request headers

Referer: https://use.typekit.net/bla8tfy.css
Origin: https://www.xeljanz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
server: nginx
etag: "ec65454125f52ade60a7a7dba7db35136a0a5833"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17756

GET
H2 200 l
use.typekit.net/af/8939f9/00000000000000007735a061/30/ 18 KB
18 KB 37ms
15ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8939f9/00000000000000007735a061/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bla8tfy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fd8967417795f539dbb323ead019548f84a3875f7c2277db47d2d7ed630a48c1

Request headers

Referer: https://use.typekit.net/bla8tfy.css
Origin: https://www.xeljanz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
server: nginx
etag: "688538e722636b5c39cb4cffbe6ad7c0119c9521"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18584

GET
H2 200 l
use.typekit.net/af/8c3639/00000000000000007735a07c/30/ 18 KB
18 KB 30ms
9ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8c3639/00000000000000007735a07c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bla8tfy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c6b5286734f6c9010f96dd4e17a93d5916828368821a4fcd1dea41a3f2a3081f

Request headers

Referer: https://use.typekit.net/bla8tfy.css
Origin: https://www.xeljanz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
server: nginx
etag: "eb08a6cab7daf0b320e485d679949c2c3e5fbb6b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18448

GET
H2 200 l
use.typekit.net/af/d4e28f/00000000000000007735a072/30/ 17 KB
17 KB 26ms
9ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d4e28f/00000000000000007735a072/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bla8tfy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 27db7fd75fb6880a6e0e39815ff64c57b6c86e42865ccf23d0b9e568b4f527d0

Request headers

Referer: https://use.typekit.net/bla8tfy.css
Origin: https://www.xeljanz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
server: nginx
etag: "7d08e90b937d4b1f9a5dc3fd5e6be0d6567f3c34"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17040

GET
H2 200 l
use.typekit.net/af/cb3467/00000000000000007735a069/30/ 17 KB
17 KB 29ms
18ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cb3467/00000000000000007735a069/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/bla8tfy.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2a75635917df5087c97113911f69e6faa21784d30517623e22c651cc30d61907

Request headers

Referer: https://use.typekit.net/bla8tfy.css
Origin: https://www.xeljanz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
server: nginx
etag: "862ad86078a9bd40eec303558e1820661cbe23a9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17072

GET
H/1.1 200
OK esw.html Show response
service.force.com/embeddedservice/5.0/ Frame 1C85 194 B
1 KB 26ms
22ms Document
text/html 161.71.1.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/js/chatbot/SalesforceEmbeddedService.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: public,max-age=86400
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html;charset=UTF-8
Date: Sat, 30 Apr 2022 00:58:18 GMT
Expires: Sun, 01 May 2022 00:58:18 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

GET
H2 200 chatbot_button_active_xeljanz.svg
www.xeljanz.com/images/chatbot/ 649 B
9 KB 28ms
24ms Image
image/svg+xml 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/chatbot/chatbot_button_active_xeljanz.svg

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/css/chatbot/XeljanzEinsteinBot.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f692bb2c473c9f06d868e2dd8b58f961eff6514f257c6a1d96acd84d55450608

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/css/chatbot/XeljanzEinsteinBot.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 70549
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-request-id: PD72EDJ3G4BTXTZW
x-amz-id-2: hK7RwvXYai4fqBfU5M6B2zYSkCXlizRBMjddj+NFQbjEXbi04IheaMoFWZpmdM2lwBvwsbhUWXQ=
accept-ranges: bytes
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:07:01 GMT
server: AmazonS3
date: Fri, 29 Apr 2022 05:22:29 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
etag: "c5eab3b17bc962fb216dcce1410aacaa"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
content-length: 649
x-edison-type: Lite
x-amz-cf-id: BxQIbFpGwv8BCKS8C92bIB9QoLMdmmn0-Qb15IEB_ygibFCLab079A==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 circle-1.svg
www.xeljanz.com/images/icons/ 897 B
9 KB 892ms
892ms Image
image/svg+xml 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/icons/circle-1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0564421dc8dc70ef11dcb9cb45ce1d3a8695ec0a2af7907c2abac71272076144

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-request-id: R50B1NCBARQFMXHT
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 897
x-amz-id-2: Mact14W7ghtF9poleyHuTYUxEout8YvaPK+rWG7OGkF0yxutP17CQXiLEsUqxf0ospkCPTQMsis=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:07:52 GMT
server: AmazonS3
date: Sat, 30 Apr 2022 00:58:19 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
etag: "98e3d9ad891fe7a703f11d14fd7940a7"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-edison-type: Lite
x-amz-cf-id: C18TPY9Q7FXnrHlgXQgULPlFr8LUIRmPA7wG1dEUuzInMRW9et5U2w==

GET
H2 200 circle-2.svg
www.xeljanz.com/images/icons/ 1 KB
9 KB 863ms
863ms Image
image/svg+xml 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/icons/circle-2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

451c8420f430d3f8508c1380310ed1c2436504e811eb65a6c45cad48c397d50a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: R503Y29E95Y7PK17
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-id-2: mGMJuWSgYINMUMQGUrwcZMa03YospyC+wP3PAzH1fDxvB1mzszhsQcQcVeJ4LRZWu5O/1rNPsaI=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:07:52 GMT
server: AmazonS3
date: Sat, 30 Apr 2022 00:58:19 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"dbd3f3c0994e44f06eb4ffede1d48068"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: k9cebkFoeCE8Rac6MD3OQe2g7xRKloGLM4tPTTtTL4NjgGVl54jqDQ==

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame FF50 2 KB
1 KB 10ms
10ms Document
text/html 108.157.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-527250.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-122.dus51.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12819912
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Dec 2021 15:53:06 GMT
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
vary: Accept-Encoding
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-cf-id: V4vACyjJUz2LboATCfQQNFwXwH8OYi8XVRegGReBvBu0n1bDYZH9pw==
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H/1.1 200
OK eswFrame.min.js Show response
service.force.com/embeddedservice/5.0/ Frame 1C85 5 KB
2 KB 20ms
20ms Script
application/x-javascript 161.71.1.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

5b17ce347efa0486b6770c9c170cccd5a5f75018bceb99048daddbe1c6fa0be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 23:06:22 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 04 Mar 2021 00:36:08 GMT
Age: 6716
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 1804
X-XSS-Protection: 1; mode=block
Expires: Sat, 30 Apr 2022 23:06:22 GMT

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/2025/translations/ 174 KB
9 KB 7ms
7ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/2025/translations/en.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6805128f208f4037398e68b86ecfbb55772c0cbd29418c851db069d6a7bd4153

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 20:59:39 GMT
server: AkamaiNetStorage
etag: "2f3820525ecb912f3ac8d49c068df098:1646773179.629036"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8584
expires: Mon, 02 May 2022 00:58:18 GMT

GET
H2 204 1
l.evidon.com/site/v3/2025/28224/1/1/1/ 0
120 B 330ms
97ms Image
text/plain 34.196.43.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/2025/28224/1/1/1/1?consent=1&regulationid=0&regulationconsenttypeid=0
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.43.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-43-186.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H/1.1 200
OK session.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 1C85 2 KB
1 KB 20ms
19ms Script
application/x-javascript 161.71.1.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/session.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 23:06:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 Mar 2021 18:51:46 GMT
Age: 6717
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 768
X-XSS-Protection: 1; mode=block
Expires: Sat, 30 Apr 2022 23:06:21 GMT

GET
H/1.1 200
OK broadcast.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 1C85 2 KB
1 KB 21ms
21ms Script
application/x-javascript 161.71.1.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/broadcast.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 23:06:21 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 18 Feb 2021 00:07:24 GMT
Age: 6717
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 779
X-XSS-Protection: 1; mode=block
Expires: Sat, 30 Apr 2022 23:06:21 GMT

GET
H2 204 75353
l.evidon.com/site/v3/2025/28224/1/2/1/1/ 0
121 B 298ms
96ms Image
text/plain 34.196.43.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/2025/28224/1/2/1/1/75353?consent=1&regulationid=0&regulationconsenttypeid=0
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.43.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-43-186.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 75353
l.evidon.com/site/v3/2025/28224/1/1/1/1/ 0
120 B 298ms
96ms Image
text/plain 34.196.43.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/2025/28224/1/1/1/1/75353?consent=1&regulationid=0&regulationconsenttypeid=0
Requested by: Host: www.xeljanz.com
URL: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.43.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-43-186.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:18 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H/1.1 200
OK chasitor.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 1C85 22 KB
5 KB 22ms
22ms Script
application/x-javascript 161.71.1.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/chasitor.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

dc1ec9e02f7fd28a008997a1e9ef0360dba6866fe21e7553cee19ad23c41901e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 23:06:27 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 25 May 2021 17:01:20 GMT
Age: 6711
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 5016
X-XSS-Protection: 1; mode=block
Expires: Sat, 30 Apr 2022 23:06:27 GMT

GET
H/1.1 200
OK EmbeddedServiceConfig.jsonp Show response
d.la3-c2-ia4.salesforceliveagent.com/chat/rest/EmbeddedService/ 16 KB
4 KB 1009ms
97ms Script
text/javascript 13.109.190.168
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la3-c2-ia4.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D5Y000002W2R8&EmbeddedServiceConfig.configName=Xeljanz_Group&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.109.190.168 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl15-ncg1-c5-iad4.la3-c2-ia4.salesforceliveagent.com

Software

Resource Hash

d35acf3259bd52d5999f4ca0db780ccfb7cf9e8bb7ecb4a8047525f9c34275f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK invite.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 19 KB
5 KB 20ms
20ms Script
application/x-javascript 161.71.1.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/js/chatbot/SalesforceEmbeddedService.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 00:43:36 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 24 Sep 2021 16:25:36 GMT
Age: 882
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 4540
X-XSS-Protection: 1; mode=block
Expires: Sun, 01 May 2022 00:43:36 GMT

GET
H/1.1 200
OK filetransfer.esw.min.js Show response
service.force.com/embeddedservice/5.0/frame/ Frame 1C85 473 B
744 B 20ms
20ms Script
application/x-javascript 161.71.1.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/frame/filetransfer.esw.min.js

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 23:06:27 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Age: 6711
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 231
X-XSS-Protection: 1; mode=block
Expires: Sat, 30 Apr 2022 23:06:27 GMT

GET
H/1.1 200
OK Settings.jsonp Show response
d.la3-c2-ia4.salesforceliveagent.com/chat/rest/Visitor/ 345 B
676 B 979ms
95ms Script
text/javascript 13.109.190.168
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la3-c2-ia4.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5735Y000000tUoi]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5725Y000000tUAT&org_id=00D5Y000002W2R8&version=48

Requested by

Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.109.190.168 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl15-ncg1-c5-iad4.la3-c2-ia4.salesforceliveagent.com

Software

Resource Hash

656d282ad70718e43f4b8305db01c323d3938f8f1a929423f9b15d13575c8bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H/1.1 200
OK inert.min.js Show response
service.force.com/embeddedservice/5.0/utils/ 8 KB
3 KB 21ms
20ms Script
application/x-javascript 161.71.1.165
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/utils/inert.min.js

Requested by

Host: www.xeljanz.com
URL: https://www.xeljanz.com/js/chatbot/SalesforceEmbeddedService.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.165 London, United Kingdom, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 29 Apr 2022 23:06:56 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 18 Aug 2020 17:12:46 GMT
Age: 6682
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 2469
X-XSS-Protection: 1; mode=block
Expires: Sat, 30 Apr 2022 23:06:56 GMT

GET
H2 200 RC93e800a020a245989e49031e5fdbe1d5-source.min.js Show response
assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/43dee338f148/ 774 B
703 B 32ms
32ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/43dee338f148/RC93e800a020a245989e49031e5fdbe1d5-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/launch-cf7670f58ac3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2648af60ced0cd234544c5fe9200307960e9d98e0ef40665b1abe193a9bce7b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:19 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 15:07:34 GMT
server: AkamaiNetStorage
etag: "4bcc1684ea77e8557b368be6d9e36683:1608217654.941123"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 457
expires: Sat, 30 Apr 2022 01:58:19 GMT

GET
H2 200 RC05a4cec79ec341d2a41dd8f7c2e28265-source.min.js Show response
assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/43dee338f148/ 654 B
583 B 35ms
34ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/43dee338f148/RC05a4cec79ec341d2a41dd8f7c2e28265-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/launch-cf7670f58ac3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d873eabd616a64f067d7983423ff6a22c409dbd45fef5d86a84f9de3b4635c87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:19 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 15:07:34 GMT
server: AkamaiNetStorage
etag: "4bcc1684ea77e8557b368be6d9e36683:1608217654.941123"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 337
expires: Sat, 30 Apr 2022 01:58:19 GMT

GET
H2 200 RC8fb04f499f8945048daf7f79b7740f84-source.min.js Show response
assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/43dee338f148/ 298 B
430 B 35ms
35ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/43dee338f148/RC8fb04f499f8945048daf7f79b7740f84-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/launch-cf7670f58ac3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 74ca9e7276998fb016730755e3091b44cc15767ac511e5efcdd1f7372695eb80

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:19 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 15:07:34 GMT
server: AkamaiNetStorage
etag: "4bcc1684ea77e8557b368be6d9e36683:1608217654.941123"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 184
expires: Sat, 30 Apr 2022 01:58:19 GMT

GET
H2 200 RCb7208c477b474fa486a6106bbbb2b49b-source.min.js Show response
assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/43dee338f148/ 13 KB
2 KB 35ms
35ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/43dee338f148/RCb7208c477b474fa486a6106bbbb2b49b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/launch-cf7670f58ac3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0ff0f95bd786a8558fe5caf54f8e38d260c5d696f2b9e340bb26afed44ce65b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:19 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 15:07:34 GMT
server: AkamaiNetStorage
etag: "4bcc1684ea77e8557b368be6d9e36683:1608217654.941123"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 2063
expires: Sat, 30 Apr 2022 01:58:19 GMT

GET
H2 200 RCa7100bd758584bb78cbc4093e295d352-source.min.js Show response
assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/43dee338f148/ 13 KB
2 KB 36ms
36ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/43dee338f148/RCa7100bd758584bb78cbc4093e295d352-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/launch-cf7670f58ac3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1318f42cd7797704500e455ed7dd114525aa306b684e72d79f8746b0196fed5a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:19 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 15:07:34 GMT
server: AkamaiNetStorage
etag: "4bcc1684ea77e8557b368be6d9e36683:1608217654.941123"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 2198
expires: Sat, 30 Apr 2022 01:58:19 GMT

GET
H2 200 RCea9dd58ea2ed4e52b22f1e4a59333f9a-source.min.js Show response
assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/43dee338f148/ 490 B
514 B 36ms
36ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/43dee338f148/RCea9dd58ea2ed4e52b22f1e4a59333f9a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/launch-cf7670f58ac3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c9240b98640434f79dd6d06f31c1d5e6fa880df30138fb50a0012a9f6a3dbdc9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:19 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 15:07:34 GMT
server: AkamaiNetStorage
etag: "4bcc1684ea77e8557b368be6d9e36683:1608217654.941123"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 268
expires: Sat, 30 Apr 2022 01:58:19 GMT

GET
H2 200 RCf51af940ef2b4557a55e14ca064ca25d-source.min.js Show response
assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/43dee338f148/ 473 B
523 B 37ms
36ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/43dee338f148/RCf51af940ef2b4557a55e14ca064ca25d-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/launch-cf7670f58ac3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6a3b92c9dfb012da33c3845e84e35cf5c736f88341ba33099ddf061faf8e9d99

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:19 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 15:07:34 GMT
server: AkamaiNetStorage
etag: "4bcc1684ea77e8557b368be6d9e36683:1608217654.941123"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 277
expires: Sat, 30 Apr 2022 01:58:19 GMT

GET
H2 200 RC53cf4feb208c488fa1e3e9accc3cc507-source.min.js Show response
assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/43dee338f148/ 367 B
481 B 37ms
37ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/43dee338f148/RC53cf4feb208c488fa1e3e9accc3cc507-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/launch-cf7670f58ac3.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b0625fb6552a4aff3d86803276d1c8f3c7ba0bc6445b76a5d3fba0b578a06b01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:19 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 15:07:34 GMT
server: AkamaiNetStorage
etag: "4bcc1684ea77e8557b368be6d9e36683:1608217654.941123"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 235
expires: Sat, 30 Apr 2022 01:58:19 GMT

GET
H2 200 circle-1.svg
www.xeljanz.com/images/icons/ 897 B
9 KB 28ms
27ms Image
image/svg+xml 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/icons/circle-1.svg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0564421dc8dc70ef11dcb9cb45ce1d3a8695ec0a2af7907c2abac71272076144

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-request-id: R50B1NCBARQFMXHT
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 897
x-amz-id-2: Mact14W7ghtF9poleyHuTYUxEout8YvaPK+rWG7OGkF0yxutP17CQXiLEsUqxf0ospkCPTQMsis=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:07:52 GMT
server: AmazonS3
date: Sat, 30 Apr 2022 00:58:19 GMT
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
x-xss-protection: 1; mode=block
etag: "98e3d9ad891fe7a703f11d14fd7940a7"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-edison-type: Lite
x-amz-cf-id: Hg9wAoN9VxMwCS_UJWGTajOdbgiTlo6ZkycA_hiwUn0sg6ZELkVi9A==

GET
H2 200 circle-2.svg
www.xeljanz.com/images/icons/ 1 KB
9 KB 29ms
29ms Image
image/svg+xml 2600:9000:2315:5400:13:12cf:cf00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.xeljanz.com/images/icons/circle-2.svg

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery.lazyloadxt/1.1.0/jquery.lazyloadxt.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:5400:13:12cf:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

451c8420f430d3f8508c1380310ed1c2436504e811eb65a6c45cad48c397d50a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xeljanz.com/savings-and-support?ind=ra&src_code=XELW10027325&utm_source=pfizer&utm_medium=vanity&utm_campaign=crmstream&utm_term=support.xeljanz.com&utm_content=conversion3openenrollment
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: R503Y29E95Y7PK17
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-id-2: mGMJuWSgYINMUMQGUrwcZMa03YospyC+wP3PAzH1fDxvB1mzszhsQcQcVeJ4LRZWu5O/1rNPsaI=
referrer-policy: same-origin
last-modified: Mon, 11 Apr 2022 07:07:52 GMT
server: AmazonS3
date: Sat, 30 Apr 2022 00:58:19 GMT
vary: Accept-Encoding
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://pfizer.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/svg+xml
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
etag: W/"dbd3f3c0994e44f06eb4ffede1d48068"
content-security-policy: default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://*.akafms.net/ https://*.akamaihd.net/ https://*.brightcove.com/ https://*.brightcovecdn.com/ https://*.brightcove.net/ https://*.cloudfront.net/ https://*.digitalpfizer.com/ https://*.evidon.com/ https://*.force.com/ https://*.hapyak.com/ https://*.hotjar.com/ https://*.llnw.net/ https://*.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://*.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://*.hotjar.com/ wss://*.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://*.hotjar.com/ https://bam.nr-data.net/ https://*.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://*.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://*.fls.doubleclick.net/ https://*.force.com/ https://*.hapyak.com/ https://*.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://*.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://*.akafms.net/ https://*.akamaihd.net/ https://*.boltdns.net/ https://*.brightcovecdn.com/ https://*.llnw.net/ https://*.llnwd.net/ https://*.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://*.boltdns.net/ https://*.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.cloudfront.net/js/hapyak.js https://*.digitalpfizer.com https://*.force.com/ https://*.janrain.com https://*.janraincapture.com https://*.janrainsso.com https://*.salesforce.com/ https://*.salesforceliveagent.com/ https://*.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://*.cloudfront.net/js/partners/brightcovePlugin/ https://*.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://*.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://*.force.com/ https://js-agent.newrelic.com https://*.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://*.digitalpfizer.com/ https://*.force.com/ https://*.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://*.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://*.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
x-amz-cf-pop: DUS51-P2
x-edison-type: Lite
x-amz-cf-id: OVP6-H5654mgVn1viLhzDO_yZfXti5Giu3Yb6PF7G11ul5GR13jmSg==

GET
H2 200 hotjar-527250.js Show response
static.hotjar.com/c/ 4 KB
2 KB 11ms
11ms Script
application/javascript 108.157.4.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-527250.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-118.dus51.r.cloudfront.net

Software

Resource Hash

bab6abf5cd5ef26a0ad478791ba9f1672606067cb573630222537826bcacc4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 3
etag: W/6155e3e7be4371797280d40d7bc2d95f
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: iuHw8jMnI9pdvd788fcY9j_ugnN-KZfQM5JWSa_ynjE7TBwxQOc0rQ==
via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)

GET
H2

200

s64939808415709
pfizer.sc.omtrdc.net/b/ss/pfizerglobalimpatientsprod/1/JS-2.20.0/
Redirect Chain

https://pfizer.sc.omtrdc.net/b/ss/pfizerglobalimpatientsprod/1/JS-2.20.0/s64939808415709?AQB=1&ndh=1&pf=1&t=30%2F3%2F2022%200%3A58%3A19%206%200&fid=3A5AA502120D2EE5-23EFA10D72EF57A0&ce=UTF-8&cdp=2&...
https://pfizer.sc.omtrdc.net/b/ss/pfizerglobalimpatientsprod/1/JS-2.20.0/s64939808415709?AQB=1&pccr=true&ndh=1&pf=1&t=30%2F3%2F2022%200%3A58%3A19%206%200&fid=3A5AA502120D2EE5-23EFA10D72EF57A0&ce=UT...

43 B
327 B

16ms
16ms

Image
image/gif

13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pfizer.sc.omtrdc.net/b/ss/pfizerglobalimpatientsprod/1/JS-2.20.0/s64939808415709?AQB=1&pccr=true&ndh=1&pf=1&t=30%2F3%2F2022%200%3A58%3A19%206%200&fid=3A5AA502120D2EE5-23EFA10D72EF57A0&ce=UTF-8&cdp=2&pageName=Savings%20%26%20Support%7CRA&g=https%3A%2F%2Fwww.xeljanz.com%2Fsavings-and-support%3Find%3Dra%26src_code%3DXELW10027325%26utm_source%3Dpfizer%26utm_medium%3Dvanity%26utm_campaign%3Dcrmstream%26utm_term%3Dsupport.xeljanz.com%26utm_content%3Dconversion3openenrollment&cc=USD&ch=savings-and-support&server=www.xeljanz.com&v0=XELW10027325&events=event7&c1=savings-and-support&h1=D%3DpageName&v2=www.xeljanz.com%2Fsavings-and-support%3Find%3Dra%26src_code%3DXELW10027325%26utm_source%3Dpfizer%26utm_medium%3Dvanity%26utm_campaign%3Dcrmstream%26utm_term%3Dsupport.xeljanz.com%26utm_content%3Dconversion3openenrollment&v3=D%3DpageName&c14=20220430&v14=20220430&c15=00%3A30%20AM&v15=00%3A30%20AM&c16=SA&v16=SA&c18=New&v18=New&c23=www.xeljanz.com%2Fsavings-and-support%3Find%3Dra%26src_code%3DXELW10027325%26utm_source%3Dpfizer%26utm_medium%3Dvanity%26utm_campaign%3Dcrmstream%26utm_term%3Dsupport.xeljanz.com%26utm_content%3Dconversion3openenrollment&c36=20220430T0058&c54=NA&v54=NA&c55=615ef85f-c840-4177-a209-1d19cde2b365&c56=D%3DpageName&v61=US%20PCC%20Prod%20Xeljanz&v65=US&c67=US&c68=D%3Dv73&v70=2.20.0&v73=ra&v78=Managed-Custom&v145=1&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Protocol

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:19 GMT
x-content-type-options: nosniff
x-c: main-1640.Id95fac.M0-564
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 01 May 2022 00:58:19 GMT
server: jag
xserver: anedge-b4b698fcd-rb77c
etag: 3546097441552171008-4619860414528137481
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Fri, 29 Apr 2022 00:58:19 GMT

Redirect headers

date: Sat, 30 Apr 2022 00:58:19 GMT
x-content-type-options: nosniff
x-c: main-1640.Id95fac.M0-564
p3p: CP="This is not a P3P policy"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
location: https://pfizer.sc.omtrdc.net/b/ss/pfizerglobalimpatientsprod/1/JS-2.20.0/s64939808415709?AQB=1&pccr=true&ndh=1&pf=1&t=30%2F3%2F2022%200%3A58%3A19%206%200&fid=3A5AA502120D2EE5-23EFA10D72EF57A0&ce=UTF-8&cdp=2&pageName=Savings%20%26%20Support%7CRA&g=https%3A%2F%2Fwww.xeljanz.com%2Fsavings-and-support%3Find%3Dra%26src_code%3DXELW10027325%26utm_source%3Dpfizer%26utm_medium%3Dvanity%26utm_campaign%3Dcrmstream%26utm_term%3Dsupport.xeljanz.com%26utm_content%3Dconversion3openenrollment&cc=USD&ch=savings-and-support&server=www.xeljanz.com&v0=XELW10027325&events=event7&c1=savings-and-support&h1=D%3DpageName&v2=www.xeljanz.com%2Fsavings-and-support%3Find%3Dra%26src_code%3DXELW10027325%26utm_source%3Dpfizer%26utm_medium%3Dvanity%26utm_campaign%3Dcrmstream%26utm_term%3Dsupport.xeljanz.com%26utm_content%3Dconversion3openenrollment&v3=D%3DpageName&c14=20220430&v14=20220430&c15=00%3A30%20AM&v15=00%3A30%20AM&c16=SA&v16=SA&c18=New&v18=New&c23=www.xeljanz.com%2Fsavings-and-support%3Find%3Dra%26src_code%3DXELW10027325%26utm_source%3Dpfizer%26utm_medium%3Dvanity%26utm_campaign%3Dcrmstream%26utm_term%3Dsupport.xeljanz.com%26utm_content%3Dconversion3openenrollment&c36=20220430T0058&c54=NA&v54=NA&c55=615ef85f-c840-4177-a209-1d19cde2b365&c56=D%3DpageName&v61=US%20PCC%20Prod%20Xeljanz&v65=US&c67=US&c68=D%3Dv73&v70=2.20.0&v73=ra&v78=Managed-Custom&v145=1&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
last-modified: Sun, 01 May 2022 00:58:19 GMT
server: jag
xserver: anedge-b4b698fcd-msv6l
vary: Origin
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Fri, 29 Apr 2022 00:58:19 GMT

GET
H2 200 settings.js Show response
c.evidon.com/sitenotice/2025/xeljanz/ 2 KB
1 KB 7ms
7ms Script
application/x-javascript 104.92.81.61
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/2025/xeljanz/settings.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.92.81.61 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-81-61.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dfe0e4a69c33664fe4196435fc16002b23e0ea8824d162834364d762ffb20f37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 00:58:20 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 21:03:17 GMT
server: AkamaiNetStorage
etag: "e951688f35416656430d055065e3f677:1649710997.687732"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 813
expires: Mon, 02 May 2022 00:58:20 GMT

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xeljanz.com/	1969-12-31 23:59:59	Name: __cfruid Value: ed4d9175e5b634fb73368602785fb6b6d62683dc-1651280294
www.xeljanz.com/	1969-12-31 23:59:59	Name: ind Value: ra
www.xeljanz.com/	1969-12-31 23:59:59	Name: src_code Value: XELW10027325
www.xeljanz.com/	1970-01-20 02:42:46	Name: agonostic_unique Value: 1
.doubleclick.net/	1970-01-20 12:02:56	Name: IDE Value: AHWqTUkXFrxbAgYfoTtgG9eIkYBRTkX-ePko1RQO6tb5PjX9KjS-Ppr8I_xX-SCGXtM
.yahoo.com/	1970-01-20 11:27:17	Name: A3 Value: d=AQABBKmJbGICENHavWp95J3J5EkPXChc6JkFEgEBAQHbbWJ2YgAAAAAA_eMAAA&S=AQAAAhPS0qNfGGbxZhwhgdC9uG0
.force.com/	1970-01-20 11:26:56	Name: BrowserId_sec Value: n43tDMggEeyo8Kvo8EHMgw
.xeljanz.com/	1970-01-20 11:26:56	Name: _hjSessionUser_527250 Value: eyJpZCI6ImIxOGFkOWM4LWU3Y2MtNTI3YS04NTNmLTU5ZjZkMTlhZmI1NyIsImNyZWF0ZWQiOjE2NTEyODAyOTY4NTksImV4aXN0aW5nIjpmYWxzZX0=
.xeljanz.com/	1970-01-20 02:41:22	Name: _hjFirstSeen Value: 1
www.xeljanz.com/	1970-01-20 02:41:20	Name: _hjIncludedInSessionSample Value: 1
.xeljanz.com/	1970-01-20 02:41:22	Name: _hjSession_527250 Value: eyJpZCI6ImQwYmEzMjAzLTRiYmItNGQxZi1hNTkxLTA5ZGNkZjY1NWVlNCIsImNyZWF0ZWQiOjE2NTEyODAyOTg0OTMsImluU2FtcGxlIjp0cnVlfQ==
.xeljanz.com/	1970-01-20 02:41:22	Name: _hjAbsoluteSessionInProgress Value: 0
www.xeljanz.com/	1969-12-31 23:59:59	Name: isiIndicationCookieSidebar Value: yes
www.xeljanz.com/	1969-12-31 23:59:59	Name: isiIndicationCookie Value: yes
.xeljanz.com/	1970-01-21 22:30:46	Name: s_pers Value: %20s_fid%3D3A5AA502120D2EE5-23EFA10D72EF57A0%7C1809046699592%3B
.xeljanz.com/	1969-12-31 23:59:59	Name: s_cmp Value: XELW10027325
.xeljanz.com/	1970-01-20 03:24:32	Name: s_nr Value: 1651280299603-New
.xeljanz.com/	1970-01-20 02:41:22	Name: s_ppn Value: Savings%20%26%20Support%7CRA
.xeljanz.com/	1969-12-31 23:59:59	Name: s_sess Value: %20s_plt%3D5.65%3B%20s_pltp%3DSavings%2520%2526%2520Support%257CRA%3B%20s_tp%3D5771%3B%20s_ppv%3DSavings%252520%252526%252520Support%25257CRA%252C21%252C21%252C1200%3B%20s_cc%3Dtrue%3B
.omtrdc.net/	1970-01-20 20:12:32	Name: s_vi_jx7Csx60x7Fhx7Dvuxxx7Bvswjx7Bnsx7Ftnijhux7E Value: [CS]v4\|313644D5C6A3CACB-40000A91E7D6A90A\|626C89AB[CE]

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/launch-cf7670f58ac3.min.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s3.amazonaws.com/pfe_im/js/prod/pcc/pf_appmeasurement.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://assets.adobedtm.com/22baa8e94be8/d7fc55bd53e9/launch-cf7670f58ac3.min.js(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://s3.amazonaws.com/pfe_im/js/prod/pcc/pf_appmeasurement.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; report-uri https://pfeprod.report-uri.com/r/t/csp/enforce; child-src 'self' blob:; connect-src 'self' blob: https://.akafms.net/ https://.akamaihd.net/ https://.brightcove.com/ https://.brightcovecdn.com/ https://.brightcove.net/ https://.cloudfront.net/ https://.digitalpfizer.com/ https://.evidon.com/ https://.force.com/ https://.hapyak.com/ https://.hotjar.com/ https://.llnw.net/ https://.llnwd.net/ https://1vrf04rusa.execute-api.eu-west-1.amazonaws.com/ https://223i44638a.execute-api.eu-west-1.amazonaws.com/ https://6q7zxrfi35.execute-api.eu-west-1.amazonaws.com/ https://amer-identity.pfizer.com/ https://appsapi.veinteractive.com/api/ https://bam.nr-data.net/ https://brightcove.hs.llnwd.net/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://code.jquery.com/ https://cookiee1.veinteractive.com/api/ https://drs2.veinteractive.com/ https://dpm.demdex.net/ https://edge.api.brightcove.com/ https://emea-identity.pfizer.com/ https://f1.media.brightcove.com/ https://geoip-js.maxmind.com/geoip/v2.1/country/ https://grv-assets.pfizer.com/ https://house-cloudfront.ap-northeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-1.prod.boltdns.net/ https://house-cloudfront.ap-southeast-2.prod.boltdns.net/ https://house-cloudfront.eu-west-1.prod.boltdns.net/ https://house-cloudfront.us-east-1.prod.boltdns.net/ https://maps.googleapis.com/maps/api/mapsjs/gen_204 https://manifest.prod.boltdns.net/ https://in.hotjar.com/api/v2/client/sites/ https://js-agent.newrelic.com/ https://l.betrad.com/ https://loremflickr.com/ https://maps.googleapis.com/ https://metrics.articulate.com/ https://.thunderhead.com/ https://newton-api.eu.cloudhub.io https://pfe-dse-dar-poc.auth.us-east-1.amazoncognito.com/ https://pfizer.sc.omtrdc.net/ https://players.brightcove.net/ https://secure.brightcove.com/services/mobile/streaming/ https://sessionapi.veinteractive.com/ https://sitecatalyst.omniture.com/sc15/activitymap/ https://storybook.js.org/ https://tagmanager.google.com/ https://vlswbkfag3.execute-api.eu-west-1.amazonaws.com/ https://vc.hotjar.io/ https://vc.hotjar.io/views/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google-analytics.com/ https://www.facebook.com/ wss://.hotjar.com/ wss://.pfizer.com/ wss://streaming.mypurecloud.de https://manifest.prod.boltdns.net/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/ https://pfraxeljanzcom-dev.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev.pfizersite.io/js-api/question https://pfraxeljanzcom-dev.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-dev.pfizersite.io/download-image/ https://pfraxeljanzcom-dev3.pfizersite.io/js-api/submission https://pfraxeljanzcom-dev3.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-dev3.pfizersite.io/js-api/ddg https://pfraxeljanzcom-dev3.pfizersite.io/js-api/question https://pfraxeljanzcom-dev3.pfizersite.io/js-api/glossary https://pfraxeljanzcom-dev3.pfizersite.io/download-image/ https://pfraxeljanzcom-stage.pfizersite.io/js-api/glossary https://pfraxeljanzcom-stage.pfizersite.io/js-api/submission https://pfraxeljanzcom-stage.pfizersite.io/js-api/digitalwallet https://pfraxeljanzcom-stage.pfizersite.io/js-api/ddg https://pfraxeljanzcom-stage.pfizersite.io/js-api/question https://pfraxeljanzcom-stage.pfizersite.io/quickauth/getoken https://pfraxeljanzcom-stage.pfizersite.io/download-image/ https://api.xeljanz.com/js-api/submission https://api.xeljanz.com/js-api/digitalwallet https://api.xeljanz.com/js-api/ddg https://api.xeljanz.com/js-api/question https://api.xeljanz.com/js-api/glossary https://api.xeljanz.com/quickauth/getoken https://api.xeljanz.com/download-image/ https://.hotjar.com/ https://bam.nr-data.net/ https://.force.com https://js-agent.newrelic.com https://json-aws-testing.s3.us-east-2.amazonaws.com/data.json; font-src 'self' data: https://.digitalpfizer.com/ https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.ttf https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://docs.gcs.digitalpfizer.com/fonts/ https://fast.fonts.net/ https://fast.fonts.net/dv2/1 https://fonts.googleapis.com/ https://fonts.gstatic.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://quilt-cdn.janrain.com/HEAD/JanrainIcons.eot https://quilt-cdn.janrain.com/HEAD/JanrainIcons.svg https://maxcdn.bootstrapcdn.com/font-awesome/ https://script.hotjar.com https://use.fontawesome.com/releases/ https://vjs.zencdn.net/ https://use.typekit.net/ https://api2.fonts.com/; frame-ancestors 'self'; frame-src 'self' https://.fls.doubleclick.net/ https://.force.com/ https://.hapyak.com/ https://.hapyak-hosted.com/ https://activitymap.adobe.com/sc15/activitymap/ https://bid.g.doubleclick.net/ https://config1.veinteractive.com/ https://hapyak-assets.s3.amazonaws.com/ https://l3.evidon.com/ https://pfizer.demdex.net/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/video https://sketchfab.com/ https://staticxx.facebook.com/ https://syndication.twitter.com/ https://vars.hotjar.com/ https://v5.organimi.com/ https://where-to-buy.co/ https://www.facebook.com/ https://www.google.com/maps/ https://www.youtube.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.google.com/ https://.force.com/; img-src 'self' blob: data: https://* https://cf-images.eu-west-1.prod.boltdns.net/ https://maps.gstatic.com/ https://segment.a3cloud.net/ https://segment.a3cloud.net/px.png/; manifest-src 'self'; media-src 'self' blob: data: https://.akafms.net/ https://.akamaihd.net/ https://.boltdns.net/ https://.brightcovecdn.com/ https://.llnw.net/ https://.llnwd.net/ https://.media.brightcove.com/ https://manifest.prod.boltdns.net/ https://secure.brightcove.com/services/mobile/streaming/ https://manifest.prod.boltdns.net https://manifest.prod.boltdns.net/manifest/v1/hls/v4 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8 https://manifest.prod.boltdns.net/manifest/v1/hls/v4/clear/1852113022001/4b04046b-5473-4ab7-8feb-374c4bc35537/10s/master.m3u8/ https://house-fastly-signed-eu-west-1-prod.brightcovecdn.com/media/v1/hls/v4/clear/; object-src 'self' https://players.brightcove.net/; prefetch-src 'self' https://.boltdns.net/ https://.brightcovecdn.com/; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.cloudfront.net/js/hapyak.js https://.digitalpfizer.com https://.force.com/ https://.janrain.com https://.janraincapture.com https://.janrainsso.com https://.salesforce.com/ https://.salesforceliveagent.com/ https://.thunderhead.com/ https://a.volvelle.tech/ https://ajax.googleapis.com/ajax/ https://analytics.digitalpfizer.com/js/prod/pcc/ https://analytics.twitter.com/ https://assets.adobedtm.com/ https://assets.edison.sh/ https://bam.nr-data.net/ https://canvas.pfizer.com/ https://cdnjs.cloudflare.com/ https://c.betrad.com/ https://c.evidon.com/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://l.evidon.com/ https://code.jquery.com/ https://connect.facebook.net/ https://cookies.pfizer.com/ https://config1.veinteractive.com/ https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js https://docs.gcs.digitalpfizer.com/ https://fast.fonts.net/jsapi/ https://googleads.g.doubleclick.net/ https://js.maxmind.com/js/apis/geoip2/v2.1/ https://js-agent.newrelic.com/ https://maps.googleapis.com/maps/api/ https://maps.googleapis.com/maps-api-v3/api/js/ https://maxcdn.bootstrapcdn.com/ https://pfcopayoffers-stage.pfizersite.io/ https://pkg-cdn.digitalpfizer.com/ https://platform.twitter.com/ https://players.brightcove.net/ https://player.vimeo.com/ https://player.vimeo.com/api/ https://px.veinteractive.com/ https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://s3.amazonaws.com/pfe_im/ https://s.ytimg.com/yts/jsbin/ https://sadmin.brightcove.com/js/ https://script.hotjar.com/ https://ssl.google-analytics.com/ https://static.ads-twitter.com/ https://static.hotjar.com/c/ https://tagmanager.google.com/ https://tpc.googlesyndication.com/sodar/ https://vjs.zencdn.net/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://www.geoplugin.net/ https://www.googleadservices.com/pagead/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://www.gstatic.com/charts/ https://www.youtube.com/player_api https://.cloudfront.net/js/partners/brightcovePlugin/ https://.cloudflare.com/cdn-cgi/scripts/ https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/ https://docs.gcs.digitalpfizer.com/fonts/fs_albert_pro_web/font_FSAlbert.js https://t.a3cloud.net/ https://t.a3cloud.net/AM-141133/tag.js/ https://widget.doctor.com/ https://www.doctor.com/widget/ https://bam.nr-data.net/ https://.salesforceliveagent.com https://docs.gcs.digitalpfizer.com https://.force.com/ https://js-agent.newrelic.com https://.salesforce.com/ https://s3-eu-west-1.amazonaws.com; style-src 'self' 'unsafe-inline' https://.digitalpfizer.com/ https://.force.com/ https://.janrain.com https://assets.edison.sh/ https://cdn.pfizer.com/ https://cdn-dev.pfizer.com/ https://cdnjs.cloudflare.com/ https://cloud.typography.com/ https://cookies.pfizer.com/ https://fast.fonts.net/ https://fonts.googleapis.com/ https://maxcdn.bootstrapcdn.com/ https://p.typekit.net/ https://pfcopayoffers-stage.pfizersite.io/ https://pfredirect.pfizersite.io/files/fonts/ https://pkg-cdn.digitalpfizer.com/ https://players.brightcove.net/ https://px.veinteractive.com/ https://quilt-cdn.janrain.com/HEAD/providers.css/ https://quilt-cdn.janrain.com/HEAD/widgets.css/ https://service.force.com/embeddedservice/5.0/esw.min.css https://s3-eu-west-1.amazonaws.com/ https://s3.amazonaws.com/docs.gcs.digitalpfizer.com/ https://stackpath.bootstrapcdn.com/ https://tagmanager.google.com/ https://use.typekit.net/ https://www.gstatic.com/charts/ https://.s3.amazonaws.com/ https://webfiles.digitalpfizer.com/ https://webfiles.pfizer.com/ https://.force.com https://s3-eu-west-1.amazonaws.com https://service.force.com/embeddedservice/5.0/esw.min.css; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3822016.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
api.xeljanz.com
assets.adobedtm.com
c.evidon.com
cdnjs.cloudflare.com
connect.facebook.net
d.la3-c2-ia4.salesforceliveagent.com
docs.gcs.digitalpfizer.com
edge.api.brightcove.com
house-fastly-signed-eu-west-1-prod.brightcovecdn.com
l.evidon.com
manifest.prod.boltdns.net
metrics.brightcove.com
p.typekit.net
pfizer.sc.omtrdc.net
players.brightcove.net
s.yimg.com
s3.amazonaws.com
script.hotjar.com
service.force.com
sp.analytics.yahoo.com
static.hotjar.com
use.typekit.net
vars.hotjar.com
vjs.zencdn.net
www.facebook.com
www.getsupport.xeljanz.com
www.google.com
www.gstatic.com
www.xeljanz.com
104.102.29.115
104.92.81.61
108.157.4.118
108.157.4.122
108.157.4.27
13.109.190.168
13.36.218.177
142.250.185.198
151.101.194.27
161.71.1.165
212.82.100.181
2600:9000:2315:5400:13:12cf:cf00:93a1
2606:4700:4400::ac40:9058
2606:4700::6811:180e
2a00:1288:80:807::1
2a00:1450:4001:808::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a02:26f0:df:3a5::1e80
2a02:26f0:f7::5c7b:e01b
2a02:26f0:f7::5c7b:e031
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::539
2a04:4e42:200::729
34.196.43.186
35.244.232.184
54.231.162.192
008dfd9fc0f4f86f80e5ea56e4e5f48c198604ad2e3b4da24b3958066503608c
00a1230e22b6af3f9df1348f2cd54dc9dbe026f3a41b9bde3009dcefd1648ae1
00ce41838c021f16e46aae285d8e9cc65854808dc9758ac2d0838a2d7a4af9fb
01907f050af7af24649a0956fe68094a9a97c8d120bed0e135dad3da1df4b889
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
03068f86db93fc5c26d79d9136cd1c9d36c6d385d99048e9103a5bc775f5d674
0564421dc8dc70ef11dcb9cb45ce1d3a8695ec0a2af7907c2abac71272076144
056a8ebc64755f2a644ce9f6b88f64f8d4e0e6c85ec29353be8af4264ed9946b
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0d8e95aaf936d65aa17592c30c25b7869a15c4718e469fcde9cb8e798a32f655
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f1771e26cbbe3ca6214866b1c4a7314648d387ff41f83cc29564108a0bebfe2
0ff0f95bd786a8558fe5caf54f8e38d260c5d696f2b9e340bb26afed44ce65b0
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
1099704208d26d872003b0ca89cb426202d5544cbd2931c8271885a63b7fd382
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
1318f42cd7797704500e455ed7dd114525aa306b684e72d79f8746b0196fed5a
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1552df4ef4509e6fec20905e161a4c8fabf1b9ba78f8be007f8d034fd1e68df8
16e29a84d9fd7e33de92c8a1e543bca3c4c32b7e6be611cd0d99917b3280e03f
18f1a3c08cea337c1abceab33645782f2050166b315349e420f4bb7ab5469b78
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2285ac53c247c9e2fba98e8e6d72c66a513ea769f99774b0a7faf2f590649a10
247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195
261aaa72df6476ca604b9142d56d5ffdc04e91d0e858c577796854d7872ace86
2648af60ced0cd234544c5fe9200307960e9d98e0ef40665b1abe193a9bce7b6
2668fcec43672a3cc0af9c37ce3e20a9340a60557db859ded6402ea0fbae7028
27db7fd75fb6880a6e0e39815ff64c57b6c86e42865ccf23d0b9e568b4f527d0
2a75635917df5087c97113911f69e6faa21784d30517623e22c651cc30d61907
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2ef6104a91c494c4246227a87b19006ca2ae82a8afe08c86f7c8933dca8095e6
305c7973d04b5ac7b4ad4f7f1a5d08ea73be8831fb0929949b754c92a6b49c00
314b282484505a154f1d0172dc25e92c151a58bde4f21c86efd3fdf8eb523825
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
35e2741f78bb4fee3e9750bb1ed5624aa412ba1e5dc17d7d0bbe4c51c0a50912
39a8834ca2b1baefcda1e9038ed33a33ccefcccf1ce9d99a06a145dae8906735
408a8b91ed5b7022295e659b9664bfed75dbe41b0dfd591301f59f20812e8c61
419505385add7c842f46f74fed8bce67cb2d852c45586d18518126f159114bb6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
451c8420f430d3f8508c1380310ed1c2436504e811eb65a6c45cad48c397d50a
46f884faef399925ce9b10f7e1874c9da5b39d44c8a33801feb1898f1fb56dfd
4d18b28392abf0df96019c6f0a535cd2188a4d01906191e617ab38a447e4bf07
4f701eb02f2a4e86dab6abe79ace82d02a8d91dff08cfc794d042a45eb110e9b
573051fff252d1ec00104280810db24986fcb73b91d4ab22b18afb302fe46ed4
57c76dd9e213ac109a6bd0b4d682ac9002a054859fe409f1f9715a506901980f
57cf1be1f2301637b004d3555b0f233f4bcde37ce6d6558c0fbd16d7377505b7
58cdbe229108812a2f918d1d247f87ae19b558d9b8ffb51c88b9cd046d7bfe43
5a1a0a519cb15cecc9efbd15b874c91182855a6e05c25463c4df1d340519378d
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b17ce347efa0486b6770c9c170cccd5a5f75018bceb99048daddbe1c6fa0be9
5d9a54202c86c83cd687217b8298dd1fba87c6be13fb91c5ad9db3b3abea035c
5e31d09cce730b8067e4d9569a3cb3670d904624f03deb0146282e85342a180c
5f48eaf33812e9dfa0b25ed27a82d818e49447b61f1f6b161971b4fedbd67203
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6144ced21a51b4eaffa8cfcc9a5adb5a70fdda7b9f06505eb61119a40e52852e
63036a27b1c5b8f27f56206c216961d9fe7dbc6ff1dcd5660b5469439735ac72
63294beeb111bd9e7a737af90ad92ad5699400034d5c61e3226a42eaf54b4846
65192ae936d6b51de5a33a17590ef562cfa114f7cb5a87084eb7391fe001518b
656d282ad70718e43f4b8305db01c323d3938f8f1a929423f9b15d13575c8bc2
66458fa5af3f8fbfc9a2b3f72af403cf06d320a21c58c419a90fa8efc1fea0a7
67a3b833bb6acc2b54e00118653dfe9a87b1caa15d7b9bd93646bf81c6a2c5ad
6805128f208f4037398e68b86ecfbb55772c0cbd29418c851db069d6a7bd4153
6a3b92c9dfb012da33c3845e84e35cf5c736f88341ba33099ddf061faf8e9d99
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c10a4b1ced355524333b330207e690e8eed044aedb5118eef38a1b4d867a07d
6c82e1a431ea6a980a1e04dc53e5be414a0e90c255a404f0723cabccea4c36ac
6ea3428983ec9462ead4bf948fdfe980b9727eb4bbc4a0fa69d97908e4d81d71
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
720856eb77027d32170a30abfc9284e6971bd3cb105897ca2fc88ae66522d6dc
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
733e749efc0409aa48e4b96aa6bddfd07545d21a4907049b0dd83eefc7172ec6
74ca9e7276998fb016730755e3091b44cc15767ac511e5efcdd1f7372695eb80
75a5c6db418eb6578695a17508329d29ba8d9fb0e09e14118fc9a5611e2b01c6
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7744d59242ace2af9d3e5da63335fabd752537e4587a285571c187cfd53caf82
7a42186915ee465c5086f8101ce8a196f8bffd87018735e7cbce4926da6db36c
7aff49f06daea1c31fb2f2b456c583ab4647b8c0b9b0766a2f53a54e0cd3028c
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
7e624cebaf6719a404c296184b2b90deead0d68c0c87446a7c1834aab70abae5
8369520b16d6fe367ea233130dc9e873b0b4df23a906c58ff2b55f754579746d
83c5ece9cf35853761e37b49818a9b793e1d28a0961fc9326286b13d7264abdd
84601ab6b87966dbd0deaa5b7b4e38e53c5a3e4307a90891ffcd91899670d386
87ef0d0271833205647deef1806e3e427fb69a9b2bedd2e9b874cf2257d49830
8836fe9a3dfe27049df86d0d2115944176aa8ba177a60addbafd838842354157
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
9600506988c16b3c8852d74d84dce49f1d7c0a2b1a9920848b5ce6e797247832
978838ebb9190a3520eb9f10b8d97d50cf9bbb0a62819d5afc69180254751133
9d42b8247255c1d8fb1f549892431cb84dae9e98c7e6f60e7b7986115bbfebd4
a066a57f285c4d2fc351a305f7e3671220d85e97c3f711a70fef42c7c9324f89
a1bdd5ba0a903829d7604612ac3f76e8fba8a05c38b26704246064bcaf7ae355
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a3e9e695ef04e38c6417c1877bdd1ad35d02ded1e2d8ce9c3526a9779e08bb62
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
ab9721a6b80de7e7c02e87ed0e74ec73599b13940c09bc08e9f663cf76f3b1b1
aee767905b68ea3f552f045d11ce1ff1eba17ddd3dbf334c044ea7539f6fa030
af772d00787070d3f3bd152d82659ed2c50b7a35c231df00983cb251b6d80609
b0625fb6552a4aff3d86803276d1c8f3c7ba0bc6445b76a5d3fba0b578a06b01
b20f3529722c0c0292f9b1e8281a98462f1b3513696b91dbe563004800dbb09c
b227db3465567dcb9cb4cbf2b16ceb31685d02bfeb2950e91d692649f98df228
b7cf145e0ca3254b4d15d8e52d08c07f31b0ef4e70b3fbabb193e69a0fe18fa7
bab6abf5cd5ef26a0ad478791ba9f1672606067cb573630222537826bcacc4d9
bd2ccf45da08b34dc3f8c86357dec93b2578540e027724d069b875c7f3ea5a0e
bf30f21ee6c7d05c68726d17b7756e5acd16ec81db8d3fcdc04b777ebadbe9e5
bfa096868388ea7a452b5d1ae748cb0c78df85d7b87516d58c8ca20eaa62da4b
c6b5286734f6c9010f96dd4e17a93d5916828368821a4fcd1dea41a3f2a3081f
c6cf001d2139c7b8e8ad3b28f6aee37fe46c9fa0ceed880a75a73f9c6cf52125
c70be61ebf5ebc5fb158df7bcc05e1a645c16c863901eb8487fc3d14d2ac801a
c923fa9af7f7ce6c4bdce22e715f67744b79f0b2c4f0445272c79a121b5c91d3
c9240b98640434f79dd6d06f31c1d5e6fa880df30138fb50a0012a9f6a3dbdc9
cc66411d5f8df9b8e21d0ddaed383153575d89601f75417a048a0cf7bb589311
cdbec3ce90f5c4efc7f36125c98c52caf6f501594d0fdfb39c9b4b9f71048a4b
d04352fa2c3edaa588bc8850d5bdda5e22c01cda2b0f8afb21cdd530cc32191f
d35acf3259bd52d5999f4ca0db780ccfb7cf9e8bb7ecb4a8047525f9c34275f7
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d516e4641028e8ff59509eb5609cdcb2b296b9aa23020468930226e37f3f4561
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d720c7eb4c630cbaaea9450b4d94de193ccae370f906c56dca72fc65cf4375cf
d873eabd616a64f067d7983423ff6a22c409dbd45fef5d86a84f9de3b4635c87
d8db4c66148c36a801d2f9722adb309d34a5019fb6cb6bb175d538d1074fd7fc
d9150d95cb343cd724bf29ec6754645e7fe78e79781feb33b6be75f538744617
d932d1509fa87aa4926040d0dd9f6e71344538fe18cb071e6ebd0eb38dade473
dc1ec9e02f7fd28a008997a1e9ef0360dba6866fe21e7553cee19ad23c41901e
dcebf8650b7415b13e348614e8c97395a7b4ee00de7ff87e9989ec4f77ec1f94
dfe0e4a69c33664fe4196435fc16002b23e0ea8824d162834364d762ffb20f37
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eb84ac5a7c14de28f7cc5c3417d73c315dfca7ff75a2804e65d59c0c59c1d9a1
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa0f726c5de7d329445d128c3f76c968eb53f121a1c3fd0420d62af77d6be38
f26ae552d6c54992aa045b5f02f21f27258b7a1d2805259d070deeb2c3afb88d
f284bd08570044c245ac95d65dac3de113c9e5bba507dfa7ebce0a6a06af4e2f
f692bb2c473c9f06d868e2dd8b58f961eff6514f257c6a1d96acd84d55450608
f6c008a30a9cc3a76174ce72d2afedf393413a2cb4c855410f57b8603ea60fd4
f90a9390b673f823fd0534efc7f897272d111e2db5ff71f99539def0d821e15f
fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75
fd8967417795f539dbb323ead019548f84a3875f7c2277db47d2d7ed630a48c1
fec99c3b5d4f16d226677a883490a45e70e42bdb8d6d81753c1ad495bfb8b4d2
ff1a4a6dca1880dc7e93d1b0a3c218224e4cfdd9e444c429d0b53e1ff4c4034b
ff6371615e0346773838916e3221b18cdec2d47dc6de8d58aa4f05c9368f01fd

www.xeljanz.com Open in urlscan Pro 2600:9000:2315:5400:13:12cf:cf00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

158 Requests

94 %HTTPS

52 %IPv6

24 Domains

33 Subdomains

30 IPs

6 Countries

2837 kBTransfer

5083 kBSize

20 Cookies

11 Outgoing links

Page URL History

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.xeljanz.com Open in urlscan Pro
2600:9000:2315:5400:13:12cf:cf00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

94 %
HTTPS

52 %
IPv6

24
Domains

33
Subdomains

30
IPs

6
Countries

2837 kB
Transfer

5083 kB
Size

20
Cookies

158 HTTP transactions
6 data transactions